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Feds  declare  war 
on  spyware  scams 


Microsoft  to  make 
its  ‘presence’  felt 


■  BY  TIM  GREENE,  JOHN 
FONTANA  AND  PHIL  HOCHMUTH 

Presence  messaging  technol¬ 
ogy  should  be  all  the  rage  this 
week  as  Microsoft  and  a  variety  of 
partners  are  set  to  debut  products 
that  let  users  integrate  VoIP  with 
instant  messaging,  Wi-Fi  and 
videoconferencing  applications. 

At  the  Fall  VON  2004  show  in 
Boston,  vendors  including  Broad- 
soft,  Radvision  and  Jasomi  Net¬ 
works  are  scheduled  to  an¬ 
nounce  compatibility  between 
their  gear  and  Microsoft’s  Live 
Communications  Server  (LCS). 
That  integration  will  let  users  shift 


Building  presence 

The  expanding  adoption  of 
instant  messaging  with  business 
applications  is  the  first  step  in 
incorporating  presence  capa¬ 
bilities  in  corporate  networks. 

Companies  that  use 
IM  with  business 
applications 


SOURCE:  OSTERMAN  RESEARCH 
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on  the  fly  between  IM  and  VoIP 
connections  and  quickly  add  par¬ 
ties  as  they  connect  to  the  net¬ 
work.  In  addition  to  announce¬ 
ments  with  other  vendors  at  the 
VON  show,  Microsoft  is  expected 
to  add  new  voice  capabilities  to 
Windows  Messenger. 

LCS  is  the  cornerstone  of  Micro¬ 
soft’s  real-time  communication 
and  collaboration  strategy.  The 
initial  emphasis  on  IM  and  pres¬ 
ence  awareness  ultimately  will 
combine  with  voice,  video,  audio 
conferencing  and  telephony 
through  support  for  Session 
Initiation  Protocol  (SIP),  and  SIP 
See  VON,  page  14 


and  security  companies  also 
have  been  joining  the  call  to  arms 
as  complaints  from  businesses 
and  consumers  continue  to  grow. 
Among  the  recent  developments: 

•  The  U.S.  House  of  Represen¬ 
tatives  this  month  passed  a  pair  of 
bills  intended  to  criminalize  spy- 
ware,  following  a  Senate  spyware 
bill  that  passed  earlier  this  year 
(see  graphic,  page  66). 

•  California  lawmakers  enacted 
legislation  that,  beginning  Jan.  1, 
bans  software  that  steals  personal 

See  Spyware,  page  66 


o 

o 

lO 

if) 


cr 

LU 

Q. 

< 

CL 

co 

§ 

LU 


■  BY  ELLEN  MESSMER 

Last  week’s  federal  complaint 
against  an  alleged  spyware  pur¬ 
veyor  is  only  an  opening  salvo  in 
what  promises  to  be  an  all-out 
effort  against  spyware-related 
scams  on  the  Web,  according  to 
regulators  and  industry  experts. 

Not  only  did  the  Federal  Trade 
Commission  (FTC)  take  its  first- 
ever  legal  action  to  stop  spyware 
by  targeting  two  businesses  said 
to  be  engaged  in  deceptive  busi¬ 
ness  practices,  but  lawmakers 


A  Wider  Net 


Giving  cell  phones  the  ol’  college  try 

School  says  landlines  not  cutting  it;  one  student  asks:  ‘Why  do  I  need  this?' 


Syracuse  in  a  hilly,  rural  stretch  of  central 
New  York,  has  just  finished  issuing  updated 
Nextel  phones  —  Motorola  iDen  i205 
devices  with  a  walkie  talkie  —  to 
nearly  1 ,800  students  who  live  on 
the  campus.The  only  landline 
connections  are  a  couple  of  tra¬ 
ditional  phones  in  the  lobby  of 
each  dormitory. 

Partly  because  of  the  Direct 
Connect  walkie-talkie  serv  ice 
offered  via  Nextel’s  iDen  net¬ 
work,  the  cell  phones  seem  to  have 
created  fast  and  close  bonds  among  rf.o 
students. 

See  Coiiege,  page  63 


■  BY  JOHN  COX 


Twenty-year-old  Meghan  Padian.a 
junior  at  Morrisville  State  College, 
likes  keeping  in  touch  with 
other  students,  off-campus  friends, 
teachers  and  her  parents. 

And  she  does  it  using  the  cell 
phone  that  came  along  with 
her  dorm  assignment. 

“Five  hours  a  day  is  typical 
for  me  and  my  friends,” 

Padian  says.“If  you’re  talking 
to  a  girlfriend, you  talk  for  a 
while  about  stuff.” 

The  college,  southwest  of 


Where  IP  and  telecom  unite. 


Where  security  is  offensive,  not  defensive. 
Where  e-commerce  is  safe  commerce. 
Where  content  is  mobile  and  personal. 

Where  infrastructure  is  more  intelligent. 


VeriSign:  Where  it  all  comes  together 
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K*  \.;t%-.Vv-^Bil!ipos  of  times  each  day,  the  world  interacts  with  a  company  you  may  not  realize  is  there.  One  that  is  driving  dynamic  transformations  at  the 
:.v .  O..-  >  varyicore  of  commerce  and  communications.  VeriSign:  Through  our  Intelligent  Infrastructure  Services,  we  enable  businesses  and  individuals  to 

cv“  '-'find,  ,<*onhect,  secure,  and  transact  across  today’s  complex  Internet,  telecom,  and  converged  networks.  We  operate  the  systems  that  manage 
•  bom,  ahd.-.nef,  handling' 14-billlon  Web  addresses  and  emails  every  day.  We  run  one  of  the  largest  telecom  signaling  networks  in  the  world, 
such  as  cellular  roaming,  text  messaging,  caller  ID,  and  multimedia  messaging.  We  manage  network  security  services  for 
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3,000  global  businesses.  And  we  handle  over  30  percent  of  all  e-commerce  transactions  in  North  America,  amounting  to  $100-million  in 
sales.  As  next-generation  networks  emerge  and  converge,  VeriSign  will  be  there,  deploying  the  Intelligent  Infrastructure  Services  necesSa^ 
everything  from  RFID-enabled  supply  chains  to  inter-enterprise  VoIP  to  mobile  and  rich  media  content  distribution.  Whether  you’fe 
carrier  looking  to  rapidly  deploy  new  services;  a  Fortune  500  enterprise  needing  comprehensive,  proactive  security  services;  or  an  e.-cq^ 
leader  wanting  to  securely  process  payments  and  reduce  fraud,  we  can  help.  We're  VeriSign.  Where  it  all  comes  together.”*  ... 
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Avoid  the  invisible  threat. 


Shed  light  on  the  dangers  of  spyware  and  save  your  company  from  perilous  security  breaches.  Websense  Enterprise'  is  the  only 
solution  that  lets  you  block  access  to  infected  sites,  disable  malicious  mobile  code,  stop  outbound  spyware  traffic,  and  prevent 
malware  from  being  launched  at  the  desktop,  including  disconnected  laptops. 

For  more  information  and  a  free  white  paper  on  managing  spyware, 
please  visit  www. websense. com/spyware/5. 

2l)i ‘4.  Websense  Inc.  AM  l  ights  reserved.  Websense  and  Websense  Enterprise  are  registered  trademarks  of  Websense,  Inc.  in  the  United 
States  and  certain  international  markets.  Websense  has  numerous  other  unregistered  trademarks  in  the  United  States  and  internationally. 

All  other  trademarks  are  the  property  of  their  respective  owners. 
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Network  World  Fusion  Radio:  Training  mgmt. 

This  week's  show  tackles  the  issue  of  training  and  how  to  manage  it. 

Anne  Marie  Roderiques,  senior  global  trade  instructor  with  Vastera, 
discusses  how  her  company  organizes  and  delivers  training  to  employ¬ 
ees  and  customers  around  the  globe.  Stream  it  or  download  the  MP3. 
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Cisco  and  Microsoft  pledge  security  unity 

■  Cisco  and  Microsoft  this  week  are  expected  to  announce  a  strate¬ 
gic  plan  to  work  together  to  make  Ciscos  Network  Admission 
Control  (NAC)  and  Microsoft’s  Network  Access  Protection  (NAP) 
security  plans  work  together.  The  companies  did  not  detail  exact 
plans  for  the  integration  of  their  products.  While  differing  in  some 
fundamental  technologies,  both  NAC  and  NAP  intend  to  provide  a 
way  for  security  managers  to  inspect  desktop  computers  to  ensure 
they  meet  security  requirements  and  are  free  of  worms  and  other 
problems  before  letting  them  access  the  network.  Both  firms  say  it 
may  take  at  least  two  to  three  years  to  achieve  full  interoperability 

Fiorina  takes  critical  view  of  HP 

■  More  than  two  years  after  completing  its  buyout  of  rival  Compaq,  HP  has  not  done 
enough  to  take  full  advantage  of  the  acquisition, according  to  HP’s  chairman  and  CEO.“We 
are  not  fully  leveraging  what  we  built”  said  Carly  Fiorina  during  a  speech  last  week.  HP 
acquired  Compaq  in  2002  with  the  purpose  of  putting  together  a  portfolio  of  technologies 
and  products  —  spanning  consumer  and  corporate  applications  —  that  would  be  differ¬ 
ent  from  that  offered  by  other  vendors,  Fiorina  said.  Fiorina’s  comments  that  the  full  poten¬ 
tial  of  the  Compaq  acquisition  have  not  been  realized  were  most  likely  in  reference  to 
recent  problems  at  HP’s  Enterprise  Servers  and  Storage  Group.  During  a  conference  call 
with  analysts  and  journalists  in  August,  Fiorina  blamed  the  management  of  that  group  for 
a  series  of  operational  problems  that  cost  the  company  an  estimated  $400  million  in  rev¬ 
enue  and  $275  million  in  operating  profit  during  its  fiscal  third  quarter. 

Microsoft  patches  keep  on  coming 

■  Microsoft  last  week  released  10  patches, seven  with  the  rating  of  critical,  in  its  largest  sin¬ 
gle  patch  distribution  yet. The  second  Tuesday  of  each  month,  Microsoft  releases  patches 
for  its  software.  The  critical  rating  means  exploitation  of  the  vulnerability  could  allow 
remote  code  execution  and  the  propagation  of  an  Internet  worm  without  user  action, 
according  to  the  company’s  Web  site. The  vulnerabilities  covered  by  the  patches  expose 
22  flaws  in  Windows,  Office,  Exchange  and  Internet  Explorer.  Microsoft  has  issued  38 
patches  this  year.  Experts  said  the  most  critical  patches  for  corporate  customers  appear  to 
be  MS04-035,  which  patches  a  hole  in  the  Windows  Simple  Message  Transfer  Protocol 
component,  and  MS04-36,  which  plugs  holes  in  the  Windows  Network  News  Transfer 
Protocol  component. 


“There  was  stunned  silence  when 
only  one  of  the  group  of  highly 
paid  computer  experts  could  cor¬ 
rectly  identify  the  electronic  math 

reckoner.” 


We  reckon  Clive  Choat  will 
be  happy  with  the  knowl¬ 
edge  he's  this  week's  winner  of  our  Weekly  Caption  Contest.  Head 
online  to  check  out  our  runners-up  and  check  in  every  Monday  for 
the  start  of  a  new  round. 
www.nwfusion.com,  DocFinder:  4242 
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A  real  insider.  The  FDA  last  week  approved  a  radio  frequency  identification 
chip  from  VeriChip  that  can  be  implanted  in  humans  and  used  for  medical  applications. 
No  more  fibbing  about  that  extra  piece  of  cake  you  ate  or  that  exercise  routine  you 
skipped,  but  it’s  for  your  own  good. 
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Software's  Wild  West  Protect  your  intellectual  property  now  or  risk 
having  your  business  sacked  by  open  source-touting  bandits  in  what  has  developed 
into  a  “Wild  West"  scenario,  SCO  Group  President  and  CEO  Dari  McBride  warned  an 
audience  of  tech  industry  leaders,  analysts  and  investors  at  the  Etre  conference  in 
Cannes,  France  last  week.  "Once  you  put  something  in  digital  form,  it's  easy  to  copy. 
My  question  for  you  is,  How  are  you  going  to 
respond  if  that  happens  to  your  IP?"  he  said.  > 


A  few  billion,  give  or  take.  The  price  tag  for  upgrading  the  IT 
infrastructure  of  the  U.K.  National  Health  Service  could  be  three  to  five  times  higher 
than  the  original  estimate  when  the  project  —  billed  as  the  world's  largest  IT 
project  —  was  launched  two  years  ago.  The  estimated  cost  from  2003  to  2013 
of  the  NHS’  National  Programme  for  IT  now  stands  at  between  $27  billion  and  $54 
billion,  the  Department  of  Health  said.  The  government  has  not  said  why  the  cost 
is  so  much  higher  than  expected. 


Intel  shelves  Pentium  4 

■  Intel  last  week  axed  its  4-GHz  Pentium  4  microprocessor  and  said  it  would  switch  to  a 
new  chip  design.  Published  reports  said  the  scuttling  of  the  PC  processor  is  just  another 
embarrassing  move  for  the  world’s  biggest  chip  maker. The  past  year  has  been  marked  by 
tectonic  shifts  in  Intel’s  design  and  marketing  philosophies.  After  years  of  promoting  clock 
speed  as  the  most  important  indicator  of  processor  performance,  Intel  now  says  intro¬ 
ducing  multi-core  products  and  new  silicon  features  are  the  best  ways  to  improve  proces¬ 
sor  performance.  Intel  has  re-evaluated  many  product  decisions  this  year  after  CEO  Craig 
Barrett  wrote  a  memo  chastising  the  company  for  its  string  of  product  delays  and  manu¬ 
facturing  glitches  earlier  this  year. The  memo  called  for  Intel  to  focus  on  products  that  can 
be  delivered  on  time  and  without  incident,  and  the  decision  to  forgo  the  4-GHz  chip 
seems  linked  to  that  emerging  mindset. 

Sprint  cuts  700  workers 

■  Sprint  last  week  said  it  plans  to  cut  up  to  700  jobs  as  it  realigns  its  business  to  focus  on 
wireless  and  Internet  services. Sprint  said  the  job  cuts, about  1%  of  its  workforce,  will  affect 
sales  and  support  at  its  business  solutions  unit,  which  provides  services  to  businesses.The 
cuts  will  come  from  layoffs,  attrition  and  voluntary  separation,  it  said. Sprint  said  it  will  stop 
selling  stand-alone  services  such  as  long-distance  to  business  customers  because  of  steep 
competition  in  the  long-distance  market  (www.nwfusion.com,  DocFinder:  4248).  It  will 
focus  on  multi-product  bundles  and  wireless  and  Internet  services. 

Iron  Mountain  snaps  up  Connected 

■  Iron  Mountain  last  week  said  it  is  acquiring  Connected  to  enhance  its  online  back¬ 
up  and  recovery  portfolio.  The  roughly  $117  million  acquisition  should  help  Iron 
Mountain  protect, archive  and  recover  data  that  is  distributed  throughout  an  organization. 
Connected  backs  up  and  recovers  information  from  users’  laptops  and  desktops. 


Just  because  you  are  in  the  field 
doesn't  mean  you  are  out  of  touch. 


When  you're  out  in  the  field,  you  don't  want  to  be  out  of  touch.  That's  where  the  BlackBerry'  Enterprise 
Solution  comes  in.  This  solution  offers  you  secure,  wireless  access  to  your  dispatch  and  scheduling 


systems,  automation  applications  and  even  parts  inventory.  Wirelessly  receive,  review  and  close  service 


tickets  wherever  you  happen  to  be.  And  you  can  even  look  up  the  latest  service  trends,  repair  workarounds 
and  product  bulletins.  The  result  is  less  time  away  from  the  field  and  most  importantly,  better  customer 
service.  It's  not  just  a  better  way  to  work  in  the  field.  It’s  a  better  way  to  serve  your  customers. 
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Get  your  "BlackBerry 
Extensibility  Kit" 
Today! 


More  Than  Wireless  E-mail 
Order  the  BlackBerry  Extensibility  Kit  to  find 
out  how  you  can  improve  your  service  team's 
effectiveness  and  efficiency  in  the  field. 

Visit:  www.blackberry.com/go/xkit 
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ISS  to  proactively 
thwart  attacks 

■  BY  ELLEN  MESSMER 

Internet  Security  Systems  is  scheduled  to  announce  plans  for  a  sys¬ 
tem  that  prevents  network  attacks  before  threats  are  publicly  identified. 

The  company  says  it  will  improve  upon  its  Proventia  intrusion-pre¬ 
vention  line  with  appliances  and  host-based  software  products  that 
depend  less  on  the  use  of  signatures  of  publicly  known  exploits  to 
block  computer  worms  and  other  attacks.  Rather,  the  company  says 
Proventia  Enterprise  Security  Platform  (ESP)  will  block  threats  based 
on  advanced  knowledge  of  vulnerabilities  that  ISS  researchers  glean 
by  working  closely  with  software  vendors. 

“Avoiding  a  threat  in  the  first  place  is  a  hell  of  a  lot  better  than  react¬ 
ing  to  it,” says  ISS  CEO  Tom  Noonan. 

He  says  Proventia  ESP  will  include  security  agents  for  desktops  and 
servers  that  will  continuously  perform  assessments  and  report  secu¬ 
rity  vulnerabilities  to  an  ISS  management  console  called  Site- 
Protector. 

Noonan  says  this  will  be  possible  because  ISS  has  a  research  team 
that  investigates  operating  systems  and  applications  of  all  types  for  vul- 
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nerabilities,  frequently  in  cooperation  with  Microsoft  and  other  soft¬ 
ware  vendors.  Though  ISS  typically  doesn’t  reveal  knowledge  of  vul¬ 
nerabilities  until  a  software  vendor  is  prepared  with  a  patch,  the  idea 
behind  Proventia  ESP  is  that  a  kind  of  virtual  patch  can  be  put  in  place 
in  advance  through  the  intrusion-detection  system  (IPS)  appliance 
and  host-based  software. 

Noonan  adds  that  ISS  has  quietly  begun  doing  so  in  some  cases,  par¬ 
ticularly  for  buffer-overflow  vulnerabilities,  with  its  Proventia  and 
SiteProtector  products. 

While  the  company  won’t  announce  specific  products  under  the 
Proventia  ESP  brand  until  later  this  fall,  some  ISS  customers  say  they 
welcome  new  strategies  that  might  provide  protection  before  patches 
can  be  distributed. 

“What  ISS  is  proposing  is  absolutely  the  right  direction,”  says  Lloyd 
Hession,  chief  security  officer  at  Radianz.a  company  with  a  network 
that  connects  about  5,000  financial  firms  around  the  world.  He  says 
the  plan,  which  entails  interaction  between  host-based  vulnerability 

assessment  and  the  network- 
based  IPS,  could  be  a  preventive 
approach. 

ISS  is  the  first  firm  to  outline  a 
product-development  strategy  of 
this  sort,  though  some  others,  in¬ 
cluding  Sourcefire,  are  working  to 
combine  vulnerability-assessment 
information  with  intrusion-detec¬ 
tion  capabilities  to  improve  the 
accuracy  of  IDS. 

IPS  products,  which  block  traffic, 
face  a  greater  burden  of  accuracy 
because  organizations  fear  an  IPS 
might  block  legitimate  traffic 
through  false  alerts.  ■ 


More  online! 

Attend  Network  Security:  Structuring  an 
Aggressive  Defense.  A  security  event 
focused  on  every  element  needed  for  total 
enterprise-wide  protection. 
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The  air  is  starting  to  come  out 
of  the  wireless  LAN  market 


■  BY  JOHN  COX 

Network  industry  watchers  have  been  warning  for 
months  that  the  wireless  LAN  market  has  been  over- 
funded  and  was  due  for  a  shakeout. 

The  tremors  have  started. 

Investors  in  Legra  Systems,  a  WLAN  switch  maker 
that  was  unable  to  convert  $21  million  in  venture 
funding  into  a  sustainable  business,  have  sold  the 
company  to  two  other  outfits. 

Separately  AirFlow  Networks’  long-term  prospects 
are  looking  ever  more  questionable.  CEO  Robert 
Machlin  says  the  company  is  still  in  business, still  try¬ 
ing  to  license  its  technology  But  AirFlow’s  listed 
phone  numbers  give  callers  a  continuous  busy  sig¬ 
nal  and  the  company  hasn’t  issued  a  press  release 
since  April,  when  the  company  announced  it  was 
shifting  its  focus  from  selling  boxes  to  licensing  its 
switch-on-a-chip  technology 

The  survivors  among  those  who  reaped  some  of 
the  hundreds  of  millions  in  venture  capital  put 
toward  WLAN  start-ups  in  recent  years  interpret 
these  events  in  a  way  that  vindicates  their  business 
acumen  and  product  strategies  or,  perhaps,  their 
good  luck.  But  the  still  unanswered  question  is 
whether  enterprise  WLAN  deployments  will  be  an 
overlay  to  the  wired  network,  by  independent  ven¬ 
dors  such  as  Airespace  and  Aruba  Wireless 
Networks,  or  an  extension  to  the  wired  network,  from 
incumbents  such  as  Cisco  and  Extreme  Networks. 

‘A  lot  of  people  have  been  expecting  this  market  to 
consolidate  relatively  soon, ’’says  Aaron  Vance,  senior 
analyst  with  Synergy  Research  Group.“This  is  just  the 
early  stages  of  that.” 

Airespace  and  Aruba  are  generally  viewed  as  the 
two  strongest  switch  vendors.  Others  include 
Chantry  Trapeze  Networks  and  Vivato.  But  there  are 
scores  of  other  WLAN  companies  selling  access 
points,  gateways  and  adapters,  as  well  as  chipsets, 
specialized  systems  software,  mesh  networks,  secur¬ 
ity  software  and  hardware,  and  network  manage¬ 
ment  applications. 

Synergy’s  second-quarter  WLAN  market  figures 
peg  worldwide  revenue  for  WLAN  infrastructure 
(mainly  access  points  and  switches  and  controllers) 
at  $244  million, up  from  $214  million  in  the  first  quar¬ 


ter.  In  terms  of  units  sold,  Cisco  posted  its  highest 
market  share  ever:  46%  for  the  quarter.  The  nearest 
rivals  were  Symbol  at  14%,  3Com  at  10%  and  Proxim 
at  just  less  than  6%.  The  total  number  of  switches/ 
controllers  has  jumped  in  2004,  but  still  remains 
small,  and  includes  products  that  are  mainly  secur¬ 
ity  gateways:  about  4,700  units  in  the  first  quarter, 
nearly  11,600  in  the  second  quarter. 

Not  figuring  much  into  those  numbers  was  Legra, 
whose  venture  backers  have  sold  the  company’s 
assets  to  NextHop,  which  markets  IP  routing  software 
that’s  widely  used  by  Cisco’s  rivals;  and  Fortress 
Technologies,  which  sells  WLAN  security  gateways. 

NextHop  bought  some  of  Legra’s  software  assets, 
which  will  be  incorporated  in  new  Layer  2  features 
due  out  early  next  year. “Wireless  becomes  a  logical 
extension  of  these  Layer  2  features,”  says  Dennis  Tsu, 
vice  president  of  marketing  for  NextHop.  “We  plan 
some  news  in  the  first  quarter  once  we’ve  done  the 
integration.” 

Fortress  will  incorporate  several  elements  of 
Legra’s  WLAN  switch  into  future  versions  of  its 
AirFortress  security  gateway  Legra  used  a  trio  of  spe¬ 
cialized  processors,  including  one  to  handle  several 
encryption  algorithms  at  once,  to  boost  the  perfor¬ 
mance  of  its  switch. 

Two  Legra  investors  say  they  are  convinced  the 
WLAN  market  is  tilting  toward  the  incumbent  play¬ 
ers,  such  as  Cisco  and  Extreme,  which  are  adding 
WLAN  processing,  security  and  management  to 
their  switch  lines.  (See  related  story  page  17.) 

“We  continue  to  believe  there  is  considerable 
demand  by  enterprise  customers  for  WLAN  solu¬ 
tions,”  says  Daniel  Phelps,  a  partner  with  Duchossois 
Technology  Partners.  “We  are  not  convinced,  how¬ 
ever,  that  this  demand  will  be  met  by  stand-alone, 
wireless-specific  equipment.” 

Another  Legra  investor,  Gary  Gannot  with  Genesis 
Venture  Partners,  points  to  the  OEM  deals  that  net¬ 
work  vendors  are  signing  with  WLAN  switch  ven¬ 
dors.  The  deals  are  “a  stopgap  strategy  until  [the 
incumbents]  incorporate  off-the-shelf  WLAN  soft¬ 
ware,  such  as  that  being  supplied  by  NextHop,  into 
their  next-generation  enterprise  [network]  equip¬ 
ment,”  he  says. 

See  WLAN,  page  68 


Betting  on  wireless  LANs 

A  sampling  of  investments  in  WLAN  companies  (in  millions  of  dollars). 
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Consider  the  dots  connected.  By  combining  networking,  Internet  and  long  distance 
services  into  a  single  turnkey  solution,  we’re  helping  one  of  the  largest  healthcare 
providers  in  Texas  stay  connected.  Move  large  amounts  of  critical  data  quickly  and 
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reliably.  Adapt  to  long-term  growth  efficiently.  And  save  money  along  the  way  -  more 
than  $1  million  over  the  next  three  years.  Find  out  more  about  how  we’re  helping 
Daybreak  Venture  connect  the  dots  at  sbc.com/dots.  GOING  BEYOND  THE  CALL/ 
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StorageTek  CEO:  ‘We’re  not  just  a  tape  company’ 


StorageTek,  a  vendor  of  storage 
products,  has  steadily  been 
improving  its  financial  results 
and  evolving  its  product  line 
since  former  Xerox  executive 
Pat  Martin  took  over  as  chair¬ 
man  and  CEO  four-and-a-half 
years  ago.  He  talked  with 
Network  World  Senior  Editor 
Deni  Connor  last  week  at  the 
company’s  annual  Eorum  user 
conference  in  San  Antonio. 

How  would  you  sum  up  StorageTek's  transformation 
under  your  leadership? 

Financials  are  the  scoreboard  in  terms  of  what’s 
going  on.  StorageTek’s  revenue  has  been  about  flat 
through  its  first  six  months  of  this  year  and  earnings 
have  risen.  In  the  past  four  years,  we’ve  brought  out 
75  new  products  and  positioned  ourselves  to  be  the 
largest  independent  provider  of  total  storage  solu¬ 
tions.  We  are  well  on  our  way  to  achieving  that  goal. 

Users  have  a  mindset  that  StorageTek  is  a  tape  company. 
What  are  you  doing  to  change  that  perception? 

One  of  our  biggest-selling  products  is  the  Virtual 
Storage  Manager  [VSM]  —  that’s  a  disk-based  prod¬ 
uct  that  sits  with  everyone’s  mainframes.  We  have 


about  a  60%  market  share  in  that  business.VSM  lets 
you  manage  your  tape  subsystems  through  a  disk 
cache,  so  you  are  running  at  disk  speed  and  not  wor¬ 
rying  about  the  time  delays  of  tape  mounts  and  so 
forth.  Bringing  VSM  to  the  open  world  like  we  did  this 
week  [the  product  now  works  with  a  host  of  operat¬ 
ing  systems]  is  a  natural  progression  for  StorageTek. 

Since  2001,  your  disk-based  sales  have  increased  to  a 
fifth  of  that  of  tape.  How  has  that  happened? 

When  we  said  we  were  going  to  be  a  total  supplier 
of  storage  solutions,  we  had  four  steps  in  our  journey 
The  first  thing  we  did  was  reinvest  in  our  tape  and 
tape  automation  base. We  brought  out  three  genera¬ 
tions  of  tape  and  tape  drives  in  the  last  three  years 
and  a  new  series  of  tape  libraries. 

Second,  we  saw  the  emergence  of  another  tier  of 
storage  called  ATA  and  positioned  ourselves  to  play 
in  that  area.  Where  we  felt  we  could  have  a  strong 
presence  is  in  the  information  life-cycle  management 
[ILM]  area,  which  is  all  about  putting  the  right  infor¬ 
mation  at  the  right  place  at  the  right  time. 

The  other  area  of  ILM  that  is  a  big  opportunity  is 
helping  our  customers  manage  the  backup  and 
recovery  of  data  more  simply  and  reliably  with  less 
labor. Today  50%  of  the  labor  in  the  data  center  in 
one  way  or  another  is  associated  with  backup  and 
recovery  So  it’s  the  last  big  labor  pool  sitting  in  the 
data  center  since  our  tape  libraries  have  taken  out 
the  tape  jockeys  of  10  years  ago.  [A  tape  jockey  is  a 


person  who  swaps  tapes  in  and  out  of  auto-loaders.] 

The  last  part  is  about  archival  information.  Our  cus¬ 
tomers  are  being  inundated  with  regulatory  require¬ 
ments  such  as  [Health  Insurance  Portability  and 
Accountability  Act]  .The  ability  to  store  that  informa¬ 
tion  in  an  effective  way  and  be  able  to  retrieve  it  is  a 
big  challenge  for  customers. 

ILM  is  where  we  are  putting  all  our  emphasis.  But 
that  doesn’t  mean  that  tape  is  going  to  go  away;  we 
are  going  to  continue  to  offer  tape  products. 

Do  you  do  that  by  tiering  storage  or  putting  the  disk  in  an 
intermediate  position  between  primary  storage  and  tape 
as  an  archive? 

Yes.You  use  primary  disk  for  business-critical  data. 
Today  80%  of  the  information  sitting  on  primary  disk 
is  duplicated  data  in  one  form  or  another.  If  that  infor¬ 
mation  isn’t  accessed  for  30  days  after  it  is  created,  it 
still  resides  on  our  disk  subsystems  taking  up  space 
and  quite  frankly  not  being  very  useful.  So  what  we’re 
about  is  taking  that  information  and  moving  it  from 
primary  disk  to  Serial  ATA  [SATA]  drives  and  from 
there  to  our  tape  libraries.  We  do  it  in  an  automated 
way  based  on  policies  defined  by  the  users. 

How  have  users'  moves  to  disk-based  backup  affected  tape 
revenues  at  StorageTek? 

We  haven’t  seen  any  material  impact  on  our  busi¬ 
ness.  We  have  a  product  called  EchoView  that  backs 

See  Martin,  page  66 


Groove  looks  to  enhance  real-time  collaboration 


Getting  in  the  Groove 


Groove  this  week  will  release  middleware  integration 
software  called  Enterprise  Data  Bridge  that  makes 
back-end  data  available  to  Groove’s  Virtual  Office 
collaboration  client. 
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■  BY  JOHN  FONTANA 

Groove  Networks  this  week  will 
take  the  wraps  off  integration 
middleware  that  lets  users  secure¬ 
ly  integrate  data  from  back-end 
systems  with  the  vendors  client- 
based  collaboration  software. 

The  new  Enterprise  Data  Bridge 
provides  a  bidirectional  path  to 
pull  data  from  CRM,  ERP  and 
other  back-end  data  stores  into 
Groove  Virtual  Office.  Users  can 
share  the  data,  modify  it  and 
update  back-end  systems  with 
any  changes,  all  from  the  same 
interface  using  customized 
forms-based  Groove  Virtual 
Office  applications. 

The  offering  begins  to  fill  in 
gaps  for  corporate  users,  who 
lacked  an  easy  way  to  incorpo¬ 
rate  back-end  data  into  collabo¬ 
ration  environments.  Users  had 
been  clamoring  for  the  links  to 
back-end  data,  and  Groove 
Virtual  Office  can  be  a  way  to 
plug  end  users  into  business 
processes. 

“The  interesting  thing  is  that  we 
knew  there  were  other  possibili¬ 
ties  and  that  we  could  extend 
Groove  into  other  areas,”  says 


Neville  Byford,  director  of  IT  strat¬ 
egy  for  collaboration  at  Hitachi 
Data  Systems.  The  company  is  in 
the  initial  stages  of  rolling  out 
Groove  Virtual  Office  to  support 
basic  collaboration  for  project 
teams. 

For  example,  he  says,  when  a 
project  is  kicked  off  in  a  project 
management  system  it  could  trig¬ 
ger  the  creation  of  a  Groove  Vir¬ 
tual  Office  workspace,  invite  the 
needed  participants  and  popu¬ 
late  it  with  data  from  the  project 
management  system. 

He  says  the  feedback  loop  from 
Groove  Virtual  Office  into  back¬ 
end  systems  also  is  key  “It  is  the 
consistency  of  the  data,”  Byford 
says.“We  lessen  the  risk  of  having 
multiple  views  of  the  same  data. 
And  it  improves  our  ability  to 
respond  to  business  situations.” 

The  Enterprise  Data  Bridge  in¬ 
cludes  a  connector  Groove  part¬ 
ner  Casahl  developed  that  runs 
on  that  vendor’s  ecKnowledge 
application  integration  software. 
Casahl  is  known  for  its  software 
that  deeply  integrates  data  be¬ 
tween  disparate  systems,  such  as 
Lotus  Notes  and  Microsoft 
Exchange. 


The  Groove  connector  and 
ecKnowledge  map  back-end  data 
into  Groove  Virtual  Office  forms- 
based  applications.  It  also  sup¬ 
ports  replication  of  data  from 
Groove  Virtual  Office  into  back¬ 
end  systems.  Also  part  of  the  Data 


Bridge  is  the  Groove  Enterprise 
Integration  Server,  which  acts  as  a 
peer  to  Groove  Virtual  Office 
clients  and  the  always-available 
integration  point  with  the  Groove 
connector.  The  Groove  Publisher 
bot  also  is  part  of  the  Data  Bridge 


package  and  can  push  data  out 
to  clients. 

Finally  the  Data  Bridge  uses  the 
Groove  Virtual  Office  3.0  collabo¬ 
ration  client  software,  which  sup¬ 
ports  offline  data  and  applica¬ 
tions  use. 

The  ecKnowledge  software 
comes  with  the  Groove  connec¬ 
tor  and  one  from  Casahl.  Those 
connectors  include  Oracle,  Lotus 
Notes  and  Microsoft  Exchange. 

“We  don’t  want  to  replace  doc¬ 
ument  repositories  and  data 
warehouses,”  says  Matt  Pope, 
senior  product  manager  for 
Groove.  “Groove  is  not  a  long¬ 
term  data  repository.  It  is  a  place 
for  sharing,  for  business  process, 
collaboration  and  coordination 
until  the  job  is  done.  The  key 
thing  with  the  Enterprise  Data 
Bridge  is  that  you  can  leave 
existing  IT  assets  such  as  data¬ 
bases  where  they  are  and  lever¬ 
age  them  for  what  they  are  good 
at,  which  is  transactions  and 
data  warehousing.” 

The  Enterprise  Data  Bridge 
costs  about  $25,000,  including 
100  service-access  licenses  for 
each  end  user  the  Groove  Pub¬ 
lisher  bot  service  supports.  ■ 


IT’S  STORAGE.  IT’S  FLEXIBLE.  IT’S  YOU. 

Yes,  you.  Whatever  is  vital  to  you -x-rays,  blueprints,  customer  information -storing 
vast  amounts  of  data  is  important.  Even  more  important  is  access  to  that  information. 
Having  data  right  at  your  fingertips.  Welcome  to  the  on  demand  world  enabled 
by  IBM  TotalStorage®  systems.  Where  your  servers  and  storage  work  together  to 
better  manage  data  across  your  organization,  giving  you  a  broad  range  of  storage 
options.  Thus,  a  total  recognition  of  TCO,  scalability  and  flexibility.  IBM  TotalStorage 
is  for  you.  Find  and  learn  the  whole  story  at  ibm.com/totalstorage/total 

IBM  TotalStorage® 
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ease  SOA  mgmt. 


m  BY  JOHN  FONTANA 

Web  services  vendors  Actional 
and  Westbridge  this  week  are  set 
to  merge  and  combine  elements 
of  their  management  and  secur¬ 
ity  software  into  a  single  plat¬ 
form  designed  to  help  compa¬ 
nies  manage  and  monitor  ser¬ 
vice-oriented  architectures. 

The  merger  is  evidence  of 
the  consolidation  taking  place 
among  Web  services  vendors, 
which  included  last  month’s 
acquisition  of  Flamenco  by 
Digital  Evolution.  The  mergers, 
acquisitions  and  partnerships 
mean  corporate  adopters  should 
have  fewer  piece  parts  to  pull 
together  to  build  an  SOA. 

The  company,  which  will  operat¬ 
ing  under  the  Actional  name,  still 
plans  to  offer  its  traditional  inde¬ 
pendent  products  such  as  Ac¬ 
tional’s  SoapStation  for  manage¬ 
ment  and  Westbridge’s  XML 
Message  Server  for  security  It  also 
plans  this  week  to  introduce  the 
Actional  SOA  Command  and 
Control  Platform  for  coordinating 
and  governing  everything  that 
happens  within  an  SOA,  includ¬ 
ing  identity  and  directory  ser¬ 
vices  and  policy  management, 
and  monitoring  other  Web  ser¬ 
vices  functions  such  as  gateways, 
firewalls,  brokers  and  message 
queuing. 

Multiple  paths 

“People  are  more  pragmatic. 
They’re  stepping  back  and  say¬ 
ing  there  are  different  parts  of 
the  infrastructure  we  need  to 
address  in  relationship  to  secu¬ 
rity,  management  and  integra¬ 
tion  such  as  routing,  communi¬ 
cation  and  transformation,”  says 
Frank  Kenney,  research  analyst 
with  Gartner. 

The  two  companies  also  will 
combine  Actional’s  Looking 
Glass  and  Westbridge’s  XMS 


More  online! 


In  this  Webcast,  Johna  Till  Johnson, 
Network  World's  columnist  and  founder  of 
Nemertes  Research,  offers  practical 
advice  for  structuring  what’s  being  called 
The  New  Data  Center." 
DocFinder:  1948 


Management  Console  into  the 
SOA  Command  and  Control 
Platform. The  suite  will  include 
agents  that  can  run  on  infra¬ 
structure  nodes,  including  Soap- 
Station  and  XMS,  as  well  as  other 
SOA  products  from  competitors 
such  as  Blue  Titan,  DataPower 
and  Sonic. 

Actional  officials  say  the  Com¬ 
mand  and  Control  Platform  will 
give  users  a  bird’s  eye  view  and 
unified  control  over  what  they 
call  the  “fabric”  layer  of  the  SOA, 
where  security,  management, 
message  queuing  and  other  ser¬ 
vices  reside. 

“Together  they  coordinate  all 
the  activities  in  the  fabric  and 
allow  you  to  do  things  like  drive 
policy  and  compliance  into 
other  platforms,  into  their  native 
engines,”  says  Tom  Ryan,  former 
CEO  of  Westbridge  and  now  the 
head  of  Actional. 

Those  capabilities  eventually 
will  thrust  Actional  into  compe¬ 
tition  with  traditional  manage¬ 
ment  vendors  such  as  Com¬ 
puter  Associates  and  HR  which 
are  re-architecting  their  man¬ 
agement  products  for  Web  ser¬ 
vices  and  SOA. 

“Actional  has  articulated  a  very 
thorough  road  map  vs.  some  of 
the  other  acquisitions  in  this 
market,  and  that  bodes  well  for 
them,”  says  Sandy  Rogers,  re¬ 
search  director  with  1DC.  “En¬ 
terprise  buyers  need  a  comfort 
level  with  how  these  acquisi¬ 
tions  and  mergers  map  into  their 
own  strategies.” 

Actional  plans  to  roll  out  the 
Command  and  Control  Platform 
in  two  phases. 

The  first,  which  is  expected  to 
be  available  next  month,  will  in¬ 
clude  the  ability  to  control  ser¬ 
vice  level,  availability  and  per¬ 
formance  across  SOA  products, 
and  have  one  console  for  policy 
management.  In  the  second 
phase,  expected  to  be  available 
in  the  first  half  of  next  year, 
Actional  will  offer  policy  man¬ 
agement  across  the  entire  SOA 
fabric,  and  will  introduce  a  set  of 
open  policy  management  inter¬ 
faces  used  to  push  policies  into 
an  SOA. 

The  Command  and  Control 
Platform  costs  $75,000. 

As  part  of  the  merger,  the  com¬ 
bined  company  will  receive  a 
$12.9  million  round  of  funding 
from  investors  that  include 
August  Capital,  ArrowPath  Venture 
Capital,  Granite  Ventures  and  In¬ 
ternational  Capital  Partners.  ■ 


Merger  maneuvers 

Web  services  vendors  Actional  and  Westbridge  will  merge  but  plan  to  continue  offering 
their  existing  management  and  security  products,  as  well  as  a  new  product  called 
Actional  SOA  Command  and  Control  for  managing  and  monitoring  an  entire  SOA. 


Products 

Description 

Name 

change 

Actional 

SoapStation 

A  proxy  that  brokers  interactions  between  applications  that  provide  Web 
services.  Also,  provides  life-cycle  management,  service  upgrade 
management,  access  control,  logging/reporting  of  service  activity; 
provisioning,  policy  control. 

NA 

Looking  Glass 

Management  server  and  centralized  control  to  visualize,  monitor  and 
manage  Web  services  networks. 

NA 

Westbridge 

XML  Message 
Server  (XMS) 

XML  Firewall  to  secure  Web  services  traffic.  Also  includes  transaction 
monitor  and  integrated  service  manager. 

Actional 

XMS 

Cisco,  IBM  team  on  net  access 


■  BY  DENISE  DUBIE 

Cisco  and  IBM  last  week  said 
they  would  tie  together  products 
that  give  customers  better  net¬ 
work  access  control  and  help  pre¬ 
vent  worm  and  virus  attacks. 

The  companies  said  updates  to 
IBM’s  Tivoli  software  would  work 
with  Cisco  gear  to  scan  devices 
trying  to  connect  to  corporate 
networks.  The  collaboration 
would  ensure  devices  allowed  to 
access  the  network  were  compli¬ 
ant  with  network  security  poli¬ 
cies.  The  products  also  could 
quarantine  non-compliant  client 
devices  to  a  virtual  LAN  where 
they  could  be  evaluated. 

The  companies  have  integrated 
Cisco’s  Access  Control  Server 
(ACS)  —  a  RADIUS-based  auth¬ 
entication  server  —  and  IBM 
Tivoli  Security  Compliance  Man¬ 
ager  software  to  determine  which 
devices  and  users  could  access  a 
network  and  if  those  devices  had 
features  such  as  proper  anti-virus 
software.  IBM  Tivoli  Security  Com¬ 
pliance  Manager  is  software  that 
lets  customers  define  security 
policies  and  monitor  compliance 
of  those  policies. 

For  example,  a  Tivoli  software 
agent  installed  on  a  user  end¬ 
point  would  capture  the  device 
credentials  and  scan  those 
against  pre-set  policies  in  the 
compliance  software  installed  on 
a  dedicated  server.  At  that  point, 
the  device  credentials  would  be 
See  Teaming,  page  14 


Network  bouncer 


IBM  and  Cisco  will  couple  their  products  to  automate 
the  process  of  granting  network  access  to  remote 
users  and  unknown  client  devices. 


Remote  user 


IBM  Tivoli  Security 
Compliance 
Manager 


01 


Lower  risk  security  zone 
(VLAN) 


Secure  production 
network 


O  IBM  Tivoli  Security  Compliance  Manager  software  scans  client  devices  trying  to  access 
the  network.  The  Tivoli  software  compares  client  information  with  pre-set  policies 
to  determine  compliance. 

©  The  device  then  requests  access  to  the  network  through  the  Cisco  Access  Server,  which 
decides  based  on  pre-defined  rules  and  access  data  stored  in  its  systems  if  it  should 
grant  or  deny  access. 

©  If  denied  access,  the  device  is  quarantined  into  a  virtual  LAN  or  subnet,  until  it  can  be 
brought  into  compliance  by  IBM  Tivoli  Provisioning  Manager  software,  which  could  update 
the  client  with  the  appropriate  software  or  patches  and/or  alert  IT  staff  to  take  action. 
Once  compliant,  the  permissions  process  starts  over  and  the  device  is  granted  access. 

©  If  found  compliant,  the  device  is  allowed  access  to  the  network. 
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FGC  action  charges  up  broadband  over  power  ii 


■  BY  GRANT  GROSS 

The  FCC  last  week  cleared  the  way  for 
power  companies  to  roll  out  broadband 
over  power  line  service  by  approving  a  set 
of  rules  designed  to  limit  interference  to 
other  radio  frequency  devices  such  as 
amateur  radios. 

The  FCC’s  action  on  BPLs  requires 
providers  of  the  alternative  to  cable 
modem  or  DSL  service  to 
employ  devices  that  can  switch 
frequencies  if  they  cause  inter¬ 
ference  and  that  can  be  shut 
down  remotely 

FCC  Chairman  Michael 
Powell  acknowledged  con¬ 
cerns  from  the  American  Radio 
Relay  League  and  other  ham 
radio  operators,  but  he  called 
the  FCC’s  adoption  of  the  BPL 
rules  a  “historic  day”  for  the 
future  of  U.S.  broadband  ser¬ 
vices.  Powell  called  amateur 
radio  an  “important  resource” 
in  the  U.S.  communication  system  and 
promised  that  the  FCC  would  pay  atten¬ 
tion  to  interference  issues. 

But  Commissioner  Michael  Copps  ques¬ 
tioned  if  the  rules  will  keep  the  FCC  as 
involved  as  it  could  be  in  refereeing  inter¬ 
ference  complaints.  Copps  also  criticized 
other  commissioners  for  not  dealing  with 
other  issues,  including  911  service,  access 
for  disabled  people  and  whether  electrici¬ 
ty  customers  should  subsidize  BPL  rollouts 
in  these  rules.  He  supports  BPL  rollouts. 


Officials  from  Current  Communications 
Group,  which  has  partnered  with  Cinergy 
to  provide  BPL  in  parts  of  Indiana,  Ohio 
and  Kentucky,  say  the  FCC  decision  might 
open  more  power  companies  to  using 
BPL.  Among  the  benefits  of  BPL  is  that  the 
devices  monitor  electrical  blackouts,  and 
power  companies  can  pinpoint  outages 
without  relying  on  customers  to  call  and 
complain. 

Through  a  second  joint  ven¬ 
ture  with  Cinergy  Current  plans 
to  deploy  BPL  to  smaller  munic¬ 
ipal  and  cooperatively  owned 
power  companies  covering  24 
million  customers  across  the 
U.S.  At  least  four  U.S.  power 
companies  are  offering  com¬ 
mercial-level  BPL  service  to 
customers,  and  others  are  offer¬ 
ing  BPL  on  a  test  basis. 

The  FCC  rules  should  pro¬ 
vide  some  assurance  to  power 
companies  considering  BPL, 
says  Jay  Birnbaum,  vice  presi¬ 
dent  and  general  counsel  for  Current 
Communications  Group.  Although  many 
power  companies  take  a  conservative 
approach  to  offering  new  products,  the 
FCC  action  on  interference  removes  one 
obstacle,  he  says. 

The  FCC  rules  establish  so-called  “exclud¬ 
ed  frequency  bands”  where  BPL  cannot 
operate  because  of  potential  interference 
with  aircraft  receivers.  The  rules  also  estab¬ 
lish  “exclusion  zones”  in  locations  close  to 
sensitive  operations  such  as  Coast  Guard  or 


FCC  Chairman 
Michael  Powell  says 
adoption  of  broad¬ 
band  over  power  line 
rules  is  of  historical 
significance. 


Google  debuts  desktop  search 


radio  astronomy  stations.  BPL  providers 
also  must  consult  with  public  safety  agen¬ 
cies,  aeronautical  stations  and  other  poten¬ 
tially  affected  government  groups  before 


rolling  out  BPL. 

Gross  is  a  correspondent  with  the  IDG 
News  Service. 
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It’s  the  enterprise-class  IBM  TotalStorage®  DS6800  system. 
It’s  as  low  as  half  the  price’  and  takes  up  as  little  as  5%  of 
the  space2  of  that  “other”  enterprise  storage  offering  (the  EMC 
Symmetrix  DMX800).  With  Power  Architecture™  technology 
and  a  surprisingly  small  footprint,  it’s  designed  to  deliver 
lower  costs.  Is  it  storage  or  is  it  a  strategy?  It’s  both.  It’s  IBM 
TotalStorage  at  its  best. 


■  BY  ANN  BEDNARZ 

Google  last  week  unveiled  a  beta  version 
of  its  long-awaited  desktop  search  applica¬ 
tion,  built  with  the  same  technology  that 
powers  its  Google.com  Internet  search  site. 

Google  Desktop  Search  is  free,  down¬ 
loadable  software  designed  to  search  local 
PC  sources.  It  can  retrieve  data  in  Micro¬ 
soft’s  Outlook,  Word,  Excel  and  PowerPoint 
applications,  as  well  as  instant  messaging 
sessions  on  AOL  Instant  Messenger. 

The  software  also  lets  users  retrieve  con¬ 
tent  from  Web  pages  viewed  with  Internet 
Explorer:  When  a  user  views  a  Web  page, 
Google  Desktop  Search  automatically 
caches  its  content  so  the  user  can  later  see 
the  same  version  of  the  page, even  if  its  live 
content  has  been  altered. 

The  market  for  searching  desktop  re¬ 
sources  is  not  new  —  Google  has  competi¬ 
tion  from  many  niche  players,  such  as 
Blinkx,Copernic,lSYS  Search  Software  and 
XI,  which  offer  alternatives  to  the  basic  e- 
mail  and  file  search  functions  built  into 
Microsoft’s  systems. 

But  there’s  been  a  growing  fervor  sur¬ 
rounding  the  technology  in  recent  months 
since  big  guns  Google, Microsoft  andYahoo 


indicated  their  intention  to  tackle  desktop 
search.  Google  is  the  first  of  these  compa¬ 
nies  to  deliver  a  working  version. 

To  get  started,  Desktop  Search  indexes  a 
user’s  hard  drive.  This  process  could  take 
several  hours,  but  it  occurs  during  times 
when  the  computer  is  idle,  Google  says.The 
software  then  continuously  scans  for  new 
content  and  adds  it  to  the  index.  When  a 
user  downloads  a  new  e-mail  in  Outlook, 
for  example,  Desktop  Search  can  find  and 
index  it  within  seconds,  the  vendor  says. 

Once  the  initial  indexing  is  complete, 
users  can  run  a  search  using  the  Google, 
com  Web  site,  so  that  both  PC  and  Web 
sources  are  searched  simultaneously  When 
a  user  searches  through  Google.com, 
Desktop  Search  runs  the  same  search  in 
parallel  on  the  user’s  computer.  If  Google 
Desktop  Search  finds  relevant  results,  those 
results  appear  on  the  Google.com  search 
results  page,  flagged  as  coming  from  the 
user’s  own  content  sources. 

Alternatively  users  can  bypass  the  Web 
and  search  for  local  information  by  access¬ 
ing  Google’s  software  from  the  Windows 
task  bar. 

Google  Desktop  Search  is  available  at 
http://desktop.google.com.  ■ 


Want  to  see  for  yourself?  In  person? 

Learn  more  at  the  IBM  TotalStorage  Roadshow.  With 
product  presentations  and  the  latest  storage  news.  Don’t 
miss  out.  See  for  yourself  how  you  could  benefit  when 
everything  works  together.  For  more  information  or  to 
register,  go  to  ibm.com/totalstorage/save 

IBM  TotalStorage® 


'Price  comparison  based  on  U.S.  list  prices.  Actual  customer  prices  may  vary. 
Compares  IBM  TotalStorage  DS6800  system  with  2TBs  Operating  Environment 
License  software,  1.16TB  using  146GB  10K  FC  Drives,  4GB  of  memory,  19  inch  rack 
and  FICON  Attachment  license  (zSeries  support),  and  EMC  Symmetrix  DMX800  with 
2TBs  Control  Center  Management  software,  1.16TB  using  146GB  10K  FC  Drives,  and 
4GB  of  memory.  List  prices  for  EMC  Symmetrix  obtained  from  Ideas  International, 
www.ldeaslnternational.com,  as  of  10/1/04. 2IBM  TotalStorage  DS6800  may  be  used 
as  a  stand-alone  unit,  or  mounted  into  a  rack.  Size  comparison  is  based  on  stand¬ 
alone  use.  IBM,  TotalStorage  and  Power  Architecture  are  trademarks  or  registered 
trademarks  of  International  Business  Machines  Corporation  in  the  United  States 
and/or  other  countries.  Other  company,  product  and  service  names  may  be 
trademarks  or  service  marks  of  others.  ©2004  IBM  Corporation.  All  rights  reserved. 
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Presently  speaking 


Although  vendors  are  making  use  of  presence  in 
products  today,  the  technology  has  shortcomings  that 
corporate  users  should  be  aware  of  as  they  plan  to 
incorporate  it  in  their  communications  arsenal. 

'C  \V/-  ■  j  -i  •  ' 

Challenges  ' 

•  Standards  remain  underdevelopment. 

•  Security,  identity  management  issues  need  to  be  worked  out. 

•  Automating  status  of  users  is  needed  to  make  presence  practical. 

Strategies 

•  Plan  to  integrate  directories  with  presence  platforms. 

•  Choose  vendors  of  presence-related  technology  —  instant 
messaging,  VoIP,  videoconferencing  —  with  an  eye  toward 
demonstrated  compatibility  with  other  vendors. 

•  Establish  a  QoS  infrastructure  to  support  future  presence 
applications. 


VON 

continued  from  page  1 

for  instant  Messaging  and 
Presence  Leveraging  Extensions 
(SIMPLE).  Microsoft  Messenger 
uses  LCS  to  publish  presence  of 
users  and  make  IM  and  voice 
connections. 

Presence  is  a  collaborative 
technology  that  makes  it  possible 
for  users  to  announce  their  con¬ 
nections  to  a  network  and  see 
who  else  is  connected  and  by 
what  means,  including  VoIP  The 
technology  also  supports  com¬ 
munication  between  applica¬ 
tions  and  users  and  application- 
to-application  integration.  In  a 
network,  presence  infrastructure 
is  used  to  announce  which  appli¬ 
cations  are  up,  what  their  func¬ 
tions  are  and  what  types  of  pro¬ 
tocols  they  accept.  Vendors  are 
building  on  this  capability  to 
bring  users  together  to  promote 
better  communications. 

High-end  corporate  users  today 
make  the  most  use  of  complex 
presence  applications,  observers 
say.  For  example,  one  Jasomi 
financial-services  customer  uses 
presence  as  part  of  its  trading 
network.  Traders  can  conduct 
preliminary  business  via  text 
messaging  and  patch  in  a  voice 
or  video  connection  to  com¬ 
plete  transactions  using  LCS, 
according  to  Jasomi’s  CEO  Dan 
Freedman.  He  would  not  name 
the  customer. 

Jasomi  is  scheduled  to  an¬ 
nounce  that  its  rack-mounted 
PeerPoint  session  border  con¬ 


trollers  will  work  with  LCS  to 
enable  IP  communications  to 
cross  firewalls  or  network  address 
translation  devices.  Installed  at 
the  edge  of  a  network,  PeerPoint 
hardware  makes  it  possible  for 
multimedia  traffic  to  cross  fire¬ 
walls  without  arduous  reconfigu¬ 
ration  of  the  firewalls. 

Similarly,  Radvision,  which 
makes  a  multimedia  conferenc¬ 
ing  platform,  is  expected  to  an¬ 
nounce  cooperation  with  Micro¬ 
soft  that  will  make  it  possible  to 
use  Radvision  software  through 
Windows  desktops. 

While  it  would  not  provide 
details  about  its  announcement 
with  Microsoft,  Broadsoft  says  it 
will  include  a  joint  development 
agreement  to  presence-enable 


voice  calls.  The  agreement  also 
calls  for  making  it  possible  to 
launch  multimedia  connections 
within  any  Windows  application. 
For  example,  someone  using 
Excel  could  launch  a  sharing  ses¬ 
sion  to  collaborate  on  a  spread¬ 
sheet  with  a  colleague. 

Broadsoft  would  integrate  its 
suite  of  PBX,  IP  Centrex  and  col¬ 
laborative  conferencing  software 
with  LCS.  Such  integration  would 
let  businesses  tap  the  collabora¬ 
tion  suite  by  buying  it  or  by  buy¬ 
ing  it  as  part  of  a  service  hosted  in 
a  carrier  network. 

IBM  has  integrated  presence  in 
Lotus  Notes,  but  its  use  is  in  the 
early  phases,  the  company  says. 

For  its  part,  Microsoft  plans  to 
introduce  the  next  LCS  2005 
client,  which  is  slated  to  ship  in 
December.  The  client  —  code- 
named  Istanbul  —  is  the  follow¬ 
up  to  Windows  Messenger  5.0 
and  is  expected  to  add  voice 
capabilities  including  taking 
voice  calls  routed  by  PBXs  and 
softswitches.  It  also  will  support 
internal  routing  of  calls  via  Active 
Directory 

“[Today]  you  can  link  voice 
calls  in  to  people  within  your 
organization  that  are  listed  in 
Active  Directory,  but  you  can’t  do 
it  externally  says  a  source  close 
to  Microsoft,  who  asked  not  to  be 
identified.The  client  will  use  pres¬ 
ence  support  in  LCS  to  find  other 
voice-enabled  end  users  who  are 
online,  the  source  says.“Microsoft 
is  taking  some  baby  steps  with  its 
direction  and  providing  a  cheap 
way  to  make  internal  voice  calls. 
Microsoft  is  trying  to  build  up 
trust  as  a  voice  provider.  People 
are  not  going  to  be  throwing  out 
their  Avaya  or  Lucent  PBXs  to  go 
with  Microsoft  for  voice." 

What  is  more  likely, says  Melanie 
Turek,  an  analyst  with  Nemertes 


Research,  is  Microsoft  will  try  for 
compatibility  with  IP  voice  gear 
and  focus  on  blending  voice  with 
applications.  “They  will  go  to  tele¬ 
phony  vendors  for  voice  and  inte¬ 
grate  with  LCS  for  application- 
based  presence,” she  says. “I’m  not 
convinced  they  have  an  easy 
road  ahead  of  them.” 

That’s  because  telephony  ven¬ 
dors  are  already  supporting 
presence-based  conferencing, 
she  says. 

Ericsson,  for  instance,  is  expect¬ 
ed  to  announce  at  VON  that  its  IP 
Multimedia  Subsystem  confer¬ 
encing  software  will  make  IM, 
VoIP  and  videoconferencing 
available  to  anyone  from  any 
location.  Similarly  Siemens  has 
been  selling  its  HiPath  Open- 
Scape  collaboration  suite  based 
on  LCS  since  last  year,  and  is  said 
to  have  announcements  about  it 
at  VON  that  it  would  not  reveal. 

Businesses  look  forward  to  pres¬ 
ence  capabilities  because  they 
can  save  on  costs  by  running  all 
forms  of  communications  over 
the  same  network.  Users  will 
become  more  productive  be¬ 
cause  they  will  be  more  accessi¬ 
ble  on  a  wide  variety  of  devices, 
says  John  Streck,  director  of  net¬ 
working  research  and  develop¬ 
ment  at  North  Carolina  State  Uni¬ 
versity,  who  is  moderating  “The 
Killer  App:  Using  Presence  and 
Instant  Messaging”  on  Wednesday 
at  VON. 

“Presence  adds  a  lot  of  value 
because  it  adds  context  to  an  end 
user’s  network  identity  and  lets 
you  optimally  deliver  data  to  an 
[end  user] "  Streck  says. 

Despite  all  the  chatter  about 
presence,  industry  observers  say 
wide  adoption  of  the  technology 
is  still  years  off. “[Presence]  is  in 
the  same  situation  MPLS  was  four 
years  ago,”  says  Zeus  Kerravala,an 
analyst  with  The  Yankee  Group. 
“There’s  lots  of  promise,  but  a 
limit  to  what  it  can  do  in  an  open, 
multi-vendor  environment.” 

Turek  agrees.  “It’s  a  lot  like  VoIP 
in  that  it  took  a  while  for  IT  exec¬ 
utives  to  understand  the  real 
value  of  it,”  she  says.“They  say, ‘I 
can  see  the  value, but  I  can’t  mea¬ 
sure  it  and  I  have  other  priorities 
right  now’” 

According  to  an  1DC  study  this 
year  of  492  IT  executives,  only  156 
used  IP  PBXs.  Of  those,  7%  said 
they  are  using  the  IP  voice  gear 
with  IM  and  presence.  “That  is  a 
significant  finding  that  presence 
is  not  taking  off  yet,”  says  Paul 
Strauss,  an  analyst  with  IDC  who 
conducted  the  research.  ■ 
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passed  to  ACS  for  further  interrogation. 

If  deemed  up  to  snuff,  the  device  would  be  granted  access.  If  not, 
IBM  Tivoli  Provisioning  Manager  —  a  software  distribution  product 
—  would  scan  the  device  to  see  if  it  could  provide  the  appropriate 
patches  to  let  the  device  gain  access.  In  cases  in  which  it  could  not,  the 
software  would  alert  IT  staff  to  the  device’s  presence  in  the  quaran¬ 
tined  area  and  notify  them  to  take  appropriate  actions. 

“The  products  will  work  together  to  access  and  provision  network 
services  based  on  identity  The  two  in  concert  can  get  a  very  granular 
picture  of  who  is  trying  to  gain  access  and  what  is  on  the  machine  at 
the  time,”  says  Dave  King,  director  of  business  development  for  the 
security  technology  group  at  Cisco. 

The  products  are  set  for  December  and  draw  on  technology  Cisco 
uses  in  its  Network  Admission  Control  (NAC)  initiative,  which  involves 
the  company  partnering  with  anti-virus  vendors  to  scan  client  devices 
and  determine  if  they  can  gain  access  to  a  network.  The  Cisco/IBM 
effort,  the  companies  say  is  a  step  beyond  NAC  by  taking  into  consider¬ 
ation  more  than  virus  definitions.  For  example,  the  Tivoli  compliance 
software  will  scan  for  operating  systems,  patches,  firewalls,  applications 
such  as  Kazaa  and  viruses  to  determine  if  a  device  can  gain  access. 

The  joint  effort  could  let  customers  eliminate  some  guesswork  in 
granting  network  access,  industry  watchers  say  “The  two  companies 
realized  they  can’t  do  it  all  alone  and  that  working  together  will  help 
•-  ■  istomers  get  a  handle  on  the  authentication  nightmare  of  employees 
connecting  all  over  the  place,"  says  Chris  Byrnes  of  the  Meta  Group.  ■ 
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Foundry  switch  software  secures  WLANs 


■  BY  PHIL  HOCHMUTH 

Foundry  Networks  is  adding  features  for 
its  wireless  LAN  switch  software  that  the 
company  says  will  help  customers  make 
WLANs  more  secure  and  easier  to  manage 
while  allowing  for  increased  wireless  client 
roaming. 

New  features  on  its  access  points  let  the 
boxes  detect  unauthorized  WLAN  users 
and  equipment  inside  a  firm.  New  software 
features  for  Foundry’s  WLAN-enabled  Ether¬ 
net  switches  include  the  ability  to  detect 
and  configure  Foundry  IronFbrt  200  access 
points,  and  support  for  Layer  3  roaming. 

Foundry  offers  a  software  upgrade  that 
adds  WLAN  switch  features  to  its  Fastlron 
Edge  switch  products  features,  such  as 
access  point  management  and  detection. 
The  latest  software  upgrade  lets  Foundry’s 
Fastlron  Edge  Switches  detect  when  a 
Foundry-based  access  point  is  plugged 


■  Caymas  Systems  is  introducing 
appliances  that  secure  network  traffic 
by  drawing  on  existing  network  infra¬ 
structure  to  enforce  access  restric¬ 
tions.  The  devices,  called  Caymas 
220, 318  and  525,  enforce  a  variety  of 
access  policies  as  well  as  logging  and 
auditing  who  accesses  what  re¬ 
sources.  The  boxes  are  less  expensive 
than  full-blown  identity  management 
platforms,  the  company  says.  Caymas 
220  for  up  to  100  users  costs  $10,000; 
Caymas  318  for  up  to  500  users  costs 
$25,000;  and  Caymas  525  for  up  to 
2,500  users  costs  $45,000. 

■  SonicWall  last  week  introduced  a 
stand-alone,  content-filtering  appli¬ 
ance  for  businesses  with  50  to  1,000 
users.  The  offering  targets  businesses 
that  might  have  a  firewall/VPN  box. 
Called  Content  Security  Manager 
2100  CF,  the  device  checks  URLs 
being  sought  against  a  library  of 
blocked  Web  addresses  and  drops 
requests  if  they  match. The  CSM  2100 
CF  is  available  for  $2,400  for  an  appli¬ 
ance  licensed  for  25  users.  The  appli¬ 
ance  alone  costs  $2,075. 


into  a  port  on  the  switch,  and  configure 
security  and  access  settings  without  requir¬ 
ing  an  IT  staff  member  to  access  the 
switch’s  management  console. 

The  upgrade  also  lets  Fastlron  Edge 
switches  support  Layer  3  wireless  roaming 
on  WLAN  clients.This  lets  WLAN  users  with 
laptops,  PDAs  or  Wi-Fi-enabled  IP  phones 
roam  among  WLAN-enabled  Foundry 
switches,  and  across  switches  that  are  on 
different  subnets.  Previous  Foundry  WLAN 
gear  supported  Layer  2  roaming  among 
switches  on  the  same  LAN  segment. 

Upgrading  LAN  gear  to  handle  WLAN 
switch  functions  is  an  easier  way  to 
deploy  a  secure  wireless  infrastructure 
than  with  other  products  that  introduce 
WLAN  appliances  or  separate  switches, 
says  Michael  Hong,  a  Foundry  product 
marketing  manager. 

Hong  says  Foundry’s  approach  also  dif¬ 
fers  from  Cisco’s  Structured  Wireless-Aware 
Network  blueprint  because  the  Cisco 
architecture  requires  a  Catalyst  6500  switch 


with  a  special  blade  to  handle  WLAN  secu¬ 
rity  and  access  point  management. 

A  new  software  upgrade  for  Foundry’s 
access  points  adds  radio  frequency  moni¬ 
toring  to  IronPoint  200  devices.This  allows 
an  access  point  to  be  deployed  as  a  dedi¬ 
cated  monitoring  node  for  unauthorized 
WLAN  radio  traffic.  Instead  of  connecting 
users,  the  access  points  can  be  configured 
to  “sniff”  the  air  for  WLAN  frequencies  and 
network  IDs  that  are  not  allowed  on  the 
WLAN. This  could  include  detecting  unau¬ 
thorized  media  access  control  addresses 
on  WLAN  clients  that  are  not  part  of  an  or¬ 
ganizations  network,  or  finding  rogue  ac¬ 
cess  points. 

Configuring  WLAN  access  policies  associ¬ 
ated  with  the  monitoring  feature  is  per¬ 
formed  through  Foundry’s  IronView  Net¬ 
work  Manager  software,  which  runs  on  a 
separate  management  PC. 

Last  August,  Foundry  launched  its 
IronPort  line  of  WLAN  products,  as  well  as 
software  that  adds  WLAN  switch  capabili¬ 


ties  to  its  Fastlron  Edge  switch  product  line. 
The  launch  counters  Extreme  Networks’ 
foray  into  WLAN  earlier  in  2003,  and  an 
attempt  to  lure  Foundry  switch  customers 
who  were  installing  other  vendor’s  WLAN 
gear.  Foundry’s  WLAN  gear  also  competes 
with  products  from  3Com, Cisco  and  Nortel 
as  well  as  WLAN-focused  vendors  such  as 
Aruba  Wireless  Networks,  AirFlow  and 
Trapeze  Networks. 

The  IronPoint  200  access  point  costs 
$800.  The  IronView  Network  Manager  soft¬ 
ware  is  available  for  $10,000  for  the 
Advanced  Edition,  which  manages  all 
Foundry  devices,  or  $2,000  for  the  version 
that  only  manages  IronPoint  devices.  A 
WLAN  Fastlron  Edge  Switch  software  pack¬ 
age  costs  $4,000  for  a  24-port  Fastlron  Edge 
switch;  $6,000  for  a  48-port  switch;  and 
$10,500  for  a  96-port  switch.  Users  already 
running  WLAN-enabled  Fastlron  switches 
can  add  the  new  auto-configuration  and 
Layer  3  roaming  features  with  a  $1,000 
upgrade  kit.  ■ 


IBM  bolsters  its  mainframe  platform 

■  BY  ANN  BEDNARZ 


The  Big  iron 

IBM  recently  detailed  a  handful  of  technology  enhancements  centered 
around  its  mainframe. 


Technology 

Significance 

Availability 

Enterprise  Workload 
Manager  for  z/OS 

Lets  zSeries  management  tools  monitor  and 
manage  applications  across  IBM  eServer 
platforms. 

Q4  2004 

GDPS  Hyperswap 
Manager  for  single¬ 
site  recovery 

Enables  dynamic  management  of  disk 
subsystems  within  a  single  site. 

Q1  2005 

zAAP  with  z/OS  1.6 

Lets  companies  more  economically  integrate 
Java-based  technology  workloads  with 
mainframe  resources. 

Now 

Communication 
Controller  for  Linux 
on  zSeries 

Simplifies  integration  of  SNA  networks  with 
a  Linux  image;  replaces  functions  provided  by 
3745  and  3746  Communications  Controllers. 

Q2  2005 

zTPF  Enterprise 
Edition  VI. 1.0 

Upgrade  of  operating  system  designed  for 
heavy  transaction  processing. 

Now 

IBM  is  working  to  make  the  mainframe  — 
with  its  reputation  for  resilience  and  secu¬ 
rity  —  a  key  element  not  only  in  compa¬ 
nies’  legacy  environments  but  also  in  their 
future  IT  blueprints. 

Big  Blue  has  used  recent  customer 
events  in  New  York,  Paris  and  Tokyo  to 
share  future  plans  for  its  venerable  main¬ 
frame  computing  platform,  which  celebrat¬ 
ed  its  40th  anniversary  earlier  this  year. 

Customers  are  looking  for  the  mainframe 
to  play  a  wider  role  in  a  heterogeneous  IT 
infrastructure, says  Colette  Martin,  a  zSeries 
program  director  at  IBM. 

Analysts  say  mainframe  customers  con¬ 
tinue  to  invest  in  the  platform.  At  a  recent 
data  center  conference,  Gartner  polled 
mainframe  users  and  found  the  larger  sites 
are  not  scaling  back  their  mainframe  in¬ 
vestment,  but  are  continuing  to  grow  the 
platform  through  legacy  and  new  work¬ 
loads  such  as  Linux  applications. 

While  the  number  of  IBM  mainframe 
installations  has  declined  each  year  — 
because  of  sales  at  the  low,  sub-100  MIPS 
end  of  the  market  —  the  number  of  million 
instructions  per  second  IBM  annually  ships 
and  the  amount  of  mainframe  capacity 
installed  continues  to  grow,  Gartner  says. 


To  continue  that  success,  IBM  unveiled  a 
variety  of  technology  upgrades  planned 
for  its  zSeries  mainframe  family 
Extending  the  mainframe’s  management 
capabilities  is  one  tactic.  IBM  plans  to  deliv¬ 
er  by  year-end  its  Enterprise  Workload  Man¬ 
ager  for  z/OS  designed  to  let  companies 


monitor  and  manage  applications  across 
IBM  eServer  platforms  —  not  just  across  its 
zSeries  mainframe  systems.  Existing  z/OS 
workload  management  tools  will  be  able 
to  interface  with  the  workload  managers 
implemented  in  other  eServer  operating 

See  IBM,  page  16 
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Never  underestimate  Larry  Ellison. 
Former  PeopleSoft  CEO  Craig  Con¬ 
way  is  the  most  recent  of  those  van¬ 
quished  by  the  rogue  from  Redwood  City 
But  there’s  another  triumph  coming  that 
might  be  sweeter  for  Ellison  if  only  be¬ 
cause  other  people  thought  he  stumbled 
badly  a  half-dozen  years  ago  when  he 
might  have  been  ahead  of  his  time. 

In  1995,  Ellison  boldly  told  the  world  that 
he  would  take  on  the  Microsoft  monolith 
with  a  new  breed  of  computing  device, 
dubbed  the  network  computer. This  would 
be  a  low-power,  stripped-down  hardware 
platform  running  a  low-power,  stripped- 
down  operating  system  with  a  Web  brow¬ 
ser  as  its  user  interface.  Ellison  touted  a 


Oracle  GEO  Ellison:  Don't  tug  on  Superman's  cape 


vision  of  a  $500  computing  device  on 
everyone’s  desktop.  From  this  idea  was 
born  the  entire  application  service  pro¬ 
vider  model  of  computing  in  which  users 
would  no  longer  purchase  software  licens¬ 
es,  but  would  rent  or  lease  the  services  as 
they  needed  them  delivered  via  the  brows¬ 
er  on  their  network  computer. 

The  ideas  garnered  lots  of  support  in  the 
mid  1990s  but  eventually  floundered  as 
people  wanted  more  power  on  their  desk¬ 
top.  With  prices  on  standard  PCs  dropping 
below  $1,000,  the  network  computer 
looked  less  desirable.  We’d  thought  Micro¬ 
soft  had  won  that  war,  but  it  might  have 
only  won  a  battle. 

A  couple  of  weeks  ago,  at  the  Fall  Pro¬ 
cessor  Forum  conference  in  San  Jose,  Bob 
Bailey,  CEO  of  chip  maker  PMC-Sierra, 
announced  a  new  consortium  of  chip 
makers  aligned  with  Asian  (primarily 
Chinese)  manufacturers  that  would  re¬ 
launch  the  network  computer,  dubbed  by 
some  the  “open  source”  computer.  One 


major  difference  with  the  new  network 
computer  would  be  price  —  Bailey  esti¬ 
mated  a  retail  target  of  $150.  Not  only  would 
it  cost  less,  but  it  also  would  do  more. 

The  new  network  computer  would  run 
an  almost  free  distribution  of  Linux  cou¬ 
pled  with  free  or  low-cost  open  source 
applications  on  top  of  a  commoditized 
hardware  platform.  Server-based  comput¬ 
ing  is  also  helped  by  today’s  larger,  less- 
expensive  bandwidth  than  that  available  in 
1995.The  new  network  computer’s  success 
isn’t  guaranteed,  of  course,  but  the  genesis 
was  Ellison’s  idea.  And  to  paraphrase  the 
late  Jim  Croce: 

Don’t  tug  on  Superman’s  cape 
Don’t  spit  into  the  wind 
Don’t  pull  the  mask  off  the  Lone  Ranger 
And  you  don’t  mess  with  Larry  Ellison. 

Kearns ,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired@ 
vquill.com. 


Tip  of  the  Week 


9  arry  Ellison  is  a  fascinat- 
Ling  guy,  but  there  are 
other  software  company 
leaders  with  interesting  sto- 
/  ries,  too.  Last  week  in  the 
Identity  Management  news- 
letter  (www.nwfusion.com, 
DocFinder:  4226)  you  could 
§|j|J  have  met  a  CEO  whose 

father  is  prime  minister  of  an 
eastern  Mediterranean  coun- 
§|§|1  try.  This  week  I'll  be  talking 
about  the  CEO  who's  fea- 
/|||§f  tured  conducting  the  orches¬ 
tra  on  a  Gilbert  and  Sullivan 


/  recording  as  well  as  another 
|| If!  who  once  fell  into  a  piranha- 


EnKoo  fattens  up  remote  SSL  appliances 


The  enKoo  3000  SSL  remote  access  gateway  supports  200  users  as 
well  as  Citrix  and  Terminal  Services. 

rate  .PST  files,  one  for  the  laptop 


■  TIM  GREENE 

EnKoo  this  week  is  introducing 
SSL  remote-access  gear  it  says 
supports  more  users  and  lets 
them  connect  to  more  applica¬ 
tions  with  less  administrative 
work  involved. 

The  company’s  enKoo  3000 
appliance  is  designed  to  handle 
up  to  200  concurrent  users,  twice 
that  of  the  company’s  previous 
high-end  box. 

The  devices  sit  between  the 
Internet  and  corporate  servers, 
and  proxy  SSL  sessions  between 
those  servers  and  browsers  on 
remote  computers.  The  traffic 
passes  through  firewall  ports  nor¬ 
mally  left  open. 

New  software  lets  enKoo  de¬ 
vices  exploit  existing  entries  in 
Active  Directory  and  Lightweight 
Directory  Access  Protocol  to 
authorize  what  network  resources 
users  can  access.  Previously  cus¬ 
tomers  had  to  enter  that  data 
manually 

New  appliance  software  also 
lets  Citrix  customers  access  Meta- 
Frame  servers  and  the  applica¬ 
tions  they  support  via  Web 
browsers  rather  than  Citrix  client 
software.  The  software  upgrade 
lets  enKoo  customers  give  end 
useis  Web  access  to  terminal  ser¬ 
vices.  This  broadens  the  range  of 
applications  remote  users  can 
reach  via  the  enKoo  boxes. 

The  Citrix  support  is  likely  to 
save  heatii:g/air  conditioning  dis¬ 
tributor  Slakey  Brothers  $20,000 


per  year,  says  Steve  Gillespie,  IT 
systems  supervisor  for  the  Elk 
Grove,  Calif.,  company  About  half 
the  200  users  accessing  the  net¬ 
work  via  Citrix  are  being  shifted 
over  to  the  enKoo  box,  which 
eliminates  the  need  for  that  many 
Citrix  client  licenses,  he  says. 
Those  end  users  being  switched 
also  will  have  easier  network  ac¬ 
cess,  he  says,  as  using  the  Citrix 
client  requires  multiple  logons, 
first  to  the  Slakey  firewall  and 
then  to  the  Citrix  server. 

When  remote  users  access  their 
e-mail,  it  doesn’t  sync  properly 
with  the  Microsoft  Outlook  server 
because  the  laptops  have  sepa- 


and  one  for  the  Citrix  client,  that 
keep  track  of  the  e-mails,  he  says. 
The  enKoo  box  eliminates  that 
problem  because  there  is  no  sep¬ 
arate  .PST  file  needed. 

The  new  enKoo  gear  is  likely  to 


make  the  company  more  attrac¬ 
tive  to  the  small  and  midsize  busi¬ 
nesses  enKoo  is  wooing,  says 
Michael  Suby  an  analyst  with 
Stratecast  Partners. 

The  drawback  to  the  enKoo 
boxes  are  that  they  don’t  have  as 


many  features  and  support  for  as 
many  applications  as  some  of  the 
other  vendors,  he  says.  But  the 
company  says  it  plans  to  add 
them,  and  the  new  box  and  soft¬ 
ware  will  fall  in  line  with  that  plan. 

The  enKoo  3000  ranges  from 
$4,000  for  a  license  for  25  concur¬ 
rent  users  to  $10,000  for  a  license 
for  200.  Software  support  for  Citrix 
costs  $1,000  to  $3,000  extra, 
depending  on  the  number  of 
users  the  box  supports.  Terminal 
services  software  costs  the  same. 

The  Citrix  and  terminal  services 
software  are  also  available  for 
enKoo’s  older,  smaller  hardware, 
the  enKoo  1000  and  2000.  ■ 


IBM 

continued  from  page  17 
systems,  IBM  says. 

Another  forthcoming  feature  enables  back¬ 
up  and  recovery  of  single-site  systems.  IBM’s 
Geographically  Dispersed  Parallel  Sysplex 
(GDPS)  Flyperswap  Manager  for  single-site 
recovery  is  an  entry-level  version  of  existing 
technology,  aimed  at  smaller  companies 
with  single  mainframe  sites,  Martin  says.  Due 
early  next  year,  the  utility  lets  companies 
dynamically  manage  disk  subsystems  across 
one  site. 

Also  designed  to  ease  IT  budget  strain  is 
IBM’s  Communication  Controller  for  Linux  on 
zSeries,  due  by  mid-2005.  The  technology  is 
aimed  at  simplifying  the  integration  of  legacy 
SNA  networks  with  Linux  applications;  it 
replaces  functions  provided  by  IBM’s  discon¬ 
tinued  3745  and  3746  Communications 
Controllers. 


Instead  of  relying  on  outboard  units  that  sit 
outside  of  the  mainframe  to  handle  SNA  com¬ 
munications,  the  new  communication  con¬ 
troller  resides  on  a  zSeries  mainframe  to  sim¬ 
plify  setups  and  reduce  costs,  Martin  says. 

To  help  make  zSeries  suitable  for  a  range  of 
applications,  IBM  announced  support  for 
zSeries  Application  Assist  Processor  (zAAP) 
with  z/OS  1.6.  A  specialized  Java  execution 
processor,  zAAP  is  designed  to  increase  Java 
performance  on  the  mainframe. 

ZAAP  is  an  engine  to  run  mainframe,  Java- 
based  workloads,  Martin  says.  Users  can  off¬ 
load  Java  instructions  from  the  zOS  engine  to 
the  zAAP  engine,  and  free  standard  main¬ 
frame  processing  capacity  for  other  work  or  to 
save  money  —  users  don’t  incur  IBM  software 
charges  for  anything  that  runs  on  zAAP  she 
says. 

IBM  has  had  special  processing  gear  to  han¬ 
dle  Linux  workloads  —  with  its  Integrated 
Facility  for  Linux  (IFL)  processor,  for  example. 


The  zAAP  engine  is  similar  technology  for 
Java,  Martin  says. 

To  round  out  the  technology  news,  IBM 
announced  z/Transaction  Processing  Facility 
(z/TPF)  Enterprise  Edition  VI.  1.0  —  an  oper¬ 
ating  system  designed  for  high  availability 
transaction  processing.  Capable  of  processing 
tens  of  thousands  of  transactions  per  second, 
z/TPF  supports  C/C++  and  64-bit  zSeries  archi¬ 
tectures.  It  also  supports  the  latest  zSeries  10G 
Ethernet  adapters  on  IBM’s  zSeries  890  and 
990  server  lines. 

Z/TPF  brings  the  increased  productivity  of  a 
modern  Linux  development  environment  to 
TPF  —  which  is  critical  for  responding  quick¬ 
ly  to  changing  user  requirements,  says  David 
Lauderdale,  CTO  and  senior  vice  president  at 
travel  services  provider  Worldspan  in  Atlanta. 
“In  our  business,  we  need  to  be  able  to  rapidly 
respond  to  thousands  of  users  on  a  global 
basis  with  information  that  is  changing  every 
second,”  Lauderdale  said  in  a  statement.^ 
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Complete  solutions 
Best  security. 
Highly  reliable. 
Cost  effective. 


“Check  Point  Express  brings 
enterprise-class  security  to 
the  mid-sized  company  at  a 
price  and  performance  level 
that  meets  their  needs;’ 


Charles  Kolodgy,  Research  Director, 
Security  Products,  IDC 
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Mgmt  software  puts  IT  in  perspective 


■  BY  DENISE  DUBIE 

More  network  management  vendors  are 
adding  application  and  service-level  man¬ 
agement  features  to  their  wares  in  an  effort 
to  help  customers  more  quickly  resolve 
performance  problems  with  business-criti¬ 
cal  applications,  companies  say 
New  and  upgraded  products  from 


■  Quest  Software  last  week 

released  MessageStats  5.0,  a 

reporting  and  analysis  tool  for  Micro¬ 
soft  Exchange  Server.  It  features  a 
tool  that  categorizes  e-mail  traffic, 
storage  and  related  costs  broken 
down  by  business  units  and  depart¬ 
ments.  The  data  provides  detail  on 
how  e-mail  is  used  throughout  an 
organization  and  provides  IT  with  the 
ability  to  charge  e-mail  costs  back  to 
departments.  Version  5.0  also  includes 
an  executive  summary  report  feature 
and  auditing  controls  per  subject  lines, 
delivery  times,  mailboxes  and  SMTP 
domains  to  weed  out  messages  that 
might  violate  corporate  usage  poli¬ 
cies.  Pricing  for  MessageStats  5.0 
starts  at  $7.50  per  mailbox. 

■  IBM  last  week  agreed  to  buy  14- 
year-old  Montreal  software  developer 
Systemcorp  for  an  undisclosed 
sum.  Systemcorp  makes  PMOffice, 
a  project  portfolio  management  suite 
of  applications  for  tracking  and  prior¬ 
itizing  corporate  projects.  The  suite 
includes  modules  for  managing  pro¬ 
ject  costs  and  charges,  reusable  tem¬ 
plates,  time  tracking, 'collaboration, 
resource  planning  and  version  track¬ 
ing,  among  others.  IBM  plans  to 
incorporate  Systemcorp  into  its 
Rational  software  development 
group,  and  to  integrate  Systemcorp’s 
technology  into  the  IBM  Software 
Development  Platform,  its  portfolio 
of  programming  and  design  tools. 
Systemcorp,  a  long-time  partner  of 
IBM,  currently  has  70  employees, 
most  of  whom  will  be  offered  jobs  at 
IBM,  IBM  said. 


Software  sampler 

Vendors  continue  to  add  business  service  management  offerings  to  their 
product  suites. 


Company 

Product 

Price 

Aprisma 

Spectrum  Business  Service 
Intelligence  Solution 

$85,000  (existing  customers); 
$150,000  (new  customers) 

BMC 

Service  Impact  Manager  5.0 

$90,000 

Concord 

Communications 

Business  Service  Console 

$100,000 

Euclid 

BSM  Platform 

$200,000 

Magnum 

Technologies 

Magnum  Advantage 

$75,000 

Aprisma,  BMC  Software,  Concord  Com¬ 
munications,  Euclid  and  Magnum  Tech¬ 
nologies  promise  to  help  network  execu¬ 
tives  prioritize  troubleshooting  and  prob¬ 
lem  resolution  based  on  pre-defined  prior¬ 
ities  and  rules  established  between  IT  and 
business  managers. 

Dubbed  business  service  management 
(BSM)  software,  which  Forrester  Research 
defines  as  an  evolution  of  service-level 
management,  the  wares  are  said  to  mea¬ 
sure  IT  service  quality  report  results  and 
take  action  to  ensure  the  quality  stays  with¬ 
in  agreed  parameters. 

Companies  such  as  BMC,  HP  and  IBM 
have  touted  the  benefits  of  relating  IT 
events  to  application  and  business  service 
performance  this  year,  and  now  more  net¬ 
work  management  software  makers  are 
joining  the  cause.  Aprisma  this  week  will 
unveil  a  software  application  called  Spec¬ 
trum  Business  Service  Intelligence  (BSI) 
Solution, which  will  provide  a  user  interface 
that  shows  which  business  services  are 
affected  by  a  network  event,  Aprisma  says. 

Yet  to  monitor  a  service  from  start  to  fin¬ 
ish,  these  vendors  also  must  be  able  to  map 
the  path  an  application  or  service  takes 
from  request  to  fulfillment. 

Take  Concord.  Its  BSM  offering,  Business 
Service  Console  resides  on  a  server,  and  IT 
managers  use  a  wizard-like  tool  to  define 
and  model  business  services.  And  to  add 
more  application  intelligence  to  its  soft¬ 
ware,  the  company  recently  announced 
Version  5.7  of  its  eHealth  Suite  can  retrieve 
information  from  custom  and  packaged 
applications  running  across  Windows,  Java 
and  the  Web.  Concord  also  announced  a 
partnership  with  Siebel  Systems  that  will 
let  its  software  extract  more  management 
data  from  Siebel  applications.  EHealth 
Suite  is  the  foundation  from  which  the 
company’s  Business  Service  Console  add¬ 
on  application  works. 

EHealth  feeds  Business  Service  Console 
data  and  compares  real-time  performance 
metrics, such  as  application  response  time, 
network  latency  or  server  utilization 
against  pre-set  performance  objectives 
based  on  specific  business  services.  It 
alerts  staff  when  network  or  server  events 
could  affect  application  performance. 

BMC,  releasing  its  Service  Impact 
Manager  5.0  this  week,  also  uses  modeling 
technology  to  help  create  a  visual  picture 
of  the  application  path.  Aprisma  says  its  BSI 
product  uses  mapping  technology  to  relate 
network  components, servers,  and  applica¬ 
tions  together  into  logical  services,  busi¬ 


ness  processes  and  customer  departments, 
for  example. 

When  services  are  modeled,  many  BSM 
products  use  agents  installed  on  the  de¬ 
vices  along  the  application’s  path  to  moni¬ 
tor  response  times  from  servers,  network 
devices,  end-user  clients  and  even  the  appli¬ 
cation.  BMC  offers  agent  and  agentless 
monitoring  depending  on  network  configu¬ 
ration. The  response  times  from  each  com¬ 
ponent  are  measured, collected  and  sent  to 
a  central  repository  installed  on  a  dedi¬ 
cated  server  to  see  if  real-time  performance 
measures  up  to  pre-defined  rules. 

Vendors  also  have  added  various  user  in¬ 
terfaces:  some  for  technicians  managing  the 
network  and  some  for  executives  that  want 
to  directly  monitor  critical  applications. 
These  business  consoles  promise  to  let  non- 
IT  staff  know  how  an  application  is  doing 
without  requiring  any  knowledge  of  the 
technology  underlying  infrastructure  or  soft¬ 
ware  components  that  support  the  service. 

Scott  Bracken  started  working  with 
Concord’s  BSM  tool  for  that  reason.  About  a 
year  ago,  the  IT  specialist  at  Goodrich’s 
Chula  Vista,  Calif.,  IT  production  operations 
center  used  management  tools  from 
Concord,  HP  and  Mercury  Interactive  to 
monitor  the  status  of  network  components 
and  applications.  But  none  of  those  gave 
his  higher-ups  the  chance  to  see  for  the 
performance  of  a  critical  online  applica¬ 
tion  for  aircraft  parts  ordering. 

“At  first,  no  one  in  IT  was  taking  this  parts 
Web  site  as  seriously  as  we  should  have 
been,  but  a  grounded  aircraft  is  a  big 
money  loser  for  airlines,  and  they  want  to 
buy  parts  quickly  and  easily’  Bracken  says. 
The  Web  site  and  application  generate 
about  $100,000  in  orders  per  hour  for  the 
aircraft  parts  manufacturer,  and  company 
executives  would  not  tolerate  any  down¬ 


time  for  this  business  service. 

Bracken  used  his  Concord  software  to  set 
up  a  GUI  for  his  manager  and  other  line  of 
business  folks.  It’s  not  used  just  to  check  on 
how  well  IT  is  doing  its  job,  he  says.  It  also 
helps  customer  service  and  support  staff 
better  process  orders. 

“If  [customer  service]  sees  the  site  is 
down  or  even  just  responding  slowly  they 
will  contact  critical  customers  and  let 
them  know  to  phone  in  their  orders,” 
Bracken  says. ‘ft  prevents  them  from  losing 
parts  sales  due  to  an  application  problem 
on  our  end.” 

One  challenge  is  inherent  in  rolling  out 
BSM  products  is  knowing  who  wants  what 
information  and  how  they  want  it  present¬ 
ed,  Bracken  says.  He  says  network  man¬ 
agers  often  first  must  meet  with  line-of-busi- 
ness  managers  to  understand  how  they 
need  applications  to  perform  and  how 
they  want  to  be  alerted  to  problems.  The 
processes  that  business  managers  use 
also  must  be  incorporated  into  a  BSM 
product. 

According  to  research  firm  Summit 
Strategies,  service  management  initiatives 
in  enterprise  IT  departments  hit  road¬ 
blocks  culturally  more  so  than  technically. 
Many  IT  shops  work  independently  of  the 
business  units  they  support,  and  commu¬ 
nication  between  the  two  groups  often 
doesn’t  yield  enough  information  to  map 
desired  performance  levels  into  monitor¬ 
ing  software. 

“Service  management  requires  IT  to 
reinvent  the  way  it  does  business,”  Mary 
Johnston  Turner,  vice  president  and  prac¬ 
tice  director  at  Summit  Strategies,  wrote  in 
a  recent  report. “Getting  the  expected  ser¬ 
vice  management  software  [ROI]  requires 
both  IT  and  business  to  change  their 
modus  operandi.”B 
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The  SANS  Institute  just  released  its 
2004  list  of  the  20  most  critical 
Internet  security  vulnerabilities.  It 
includes  10  threats  in  Windows-based  sys¬ 
tems  and  10  in  Unix-based  systems. 

The  title  is  a  little  bit  misleading  because 
SANS  does  not  list  specific  vulnerabilities. 
Instead  it  lists  programs  or  sub-systems  that 
too  often  contain  vulnerabilities. 

The  whole  list  comes  across  a  little  bit 
like  telling  someone  to  stop  breathing  in 
order  to  avoid  getting  cancer  from  air  pol¬ 
lution  —  accurate  but  useless  advice.  I’ll 
focus  on  the  Windows  part  of  the  list 
(www.sans.org/top20/)  because  many 
more  people  can  relate  to  Windows  vul¬ 
nerabilities  than  Unix  ones  (including.  I 


suppose,  Mac  OSX). 

The  10  “vulnerabilities”  on  the  SANS  list 
are:  Web  servers  &  services,  workstation  ser¬ 
vice,  Windows  remote  access  services, 
Microsoft  SQL  Server,  Windows  authentica¬ 
tion,  Web  browsers,  file-sharing  applica¬ 
tions,  Windows  Local  Security  Authority 
Subsystem  Service  exposures,  Microsoft 
Outlook  mail  client  and  instant  messaging. 

You  can’t  just  turn  all  these  things  off  and 
have  much  of  a  system  left,  so  as  the  SANS 
commentary  suggests,  adopting  aggressive 
patching  strategies  is  the  Windows  users 
only  hope  for  survival. 

Most  of  the  problems  the  SANS  Institute 
discusses  with  these  Microsoft  and  non- 
Microsoft  applications  and  Windows  sub¬ 
systems  can  be  summarized  by  saying  that 
lots  of  examples  of  poor  programming 
practice  have  been  found  and  exploited  in 
this  software.  I’d  expect  that  some  of  the 
software  listed  will  be  replaced  next  year 
with  other  software  where  the  same  sort  of 
problems  have  been  uncovered. 


With  40  million  or  more  lines  of  secret 
source  code  in  Windows  XTI  find  it  hard  to 
imagine  that  there  aren’t  many  thousands 
of  bugs  yet  to  be  discovered  (www.nwfu- 
sion.com,  DocFinder:4224). 

I  expect  there  are  also  many  bugs  in  the 
30  million  or  more  lines  of  source  code  in 
Linux,  but  the  public  nature  of  the  code 
means  the  problems  may  be  found  and 
fixed  sooner. 

Bugs  in  software  are  to  be  expected 
because  programmers  often  are  humans 
and  perfection  is  an  uncommon  trait 
among  humans.  But  some  issues  on  the 
SANS  list  are  not  bugs  —  they  are  features. 
The  best  example  is  the  Outlook  mail 
client,  of  which  the  SANS  commentary 
politely  says  “the  embedded  automation 
features  are  at  odds  with  the  built-in  secur¬ 
ity  controls  (often  disregarded  by  end 
users).”  In  a  bit  of  understatement,  SANS 
mentions  that  “this  has  given  rise  to  e-mail 
viruses,  worms,  malicious  code  to  compro¬ 
mise  the  local  system,  and  many  other 


forms  of  attack.”  This  kind  of  thing  is  far 
harder  to  fix. 

If  all  this  makes  you  want  to  get  an  aba¬ 
cus  (or  a  Mac), you’re  not  alone. 

But  sad  to  say  neither  solution  is  accept¬ 
able  in  much  of  today’s  workplace,  even 
though  at  least  the  Mac  would  do  the  job 
most  of  the  time.  (It’s  hard  to  do  word  pro¬ 
cessing  on  an  abacus  though.) 

That  leads  back  to  the  advice  mentioned 
earlier  about  breathing  —  which  was 
about  the  only  statistically  valid  result  of 
the  cancer  and  air  pollution  research  I  par¬ 
ticipated  in  as  a  lab  technician  in  my  first 
job  out  of  Boston  University. 

Disclaimer:  Some  things  that  Harvard’s 
neighbors  see  as  bugs  Harvard  sees  as  fea¬ 
tures  (students  on  a  Saturday  night  for 
example).  But  I  did  not  ask  the  neighbors 
or  Harvard  about  the  above  lament. 

Bradrter  is  a  consultant  with  Howard 
University's  University  Information  Systems. 
He  can  be  reached  at  sob@sob.com. 


SANS  Institute  names  Top  20  vulnerabilities 


■  BY  JOHN  FONTANA 

The  Unix  kernel  and  databases  that 
run  on  that  operating  system,  along  with 
security  sub-systems  and  instant  mes¬ 
saging  that  run  on  Windows,  are  the 
newest  additions  to  the  SANS  Institute’s 
annual  list  of  Top  20  vulnerabilities  most 
exploited  by  hackers. 

The  list,  released  last  week,  highlights  the 
most  common  holes  exploited  in  software 
and  is  used  by  the  SANS  Institute  to 
encourage  corporations  to  make  the  vul¬ 
nerabilities  a  priority  as  they  develop 
patch-management  strategies. 

“This  is  the  minimal  list  that  organiza¬ 
tions  need  to  get  their  arms  around  to  pro¬ 
tect  critical  IT  infrastructure,” says  Gerhard 
Eschelbeck,  a  member  of  the  committee 
that  developed  the  list  and  the  CTO  at 
Qualys,  a  supplier  of  on-demand  vulnera¬ 
bility  management.  Qualys  last  week  also 
made  available  at  no  cost  a  Web-based 
service  that  will  scan  infrastructure 
servers  for  the  Top  20  vulnerabilities. 

The  federally  supported  Common 
Vulnerabilities  and  Exposures  project 
has  catalogued  10,000  vulnerabilities. 
The  SANS  Institute  says  that  number 
includes  3,300  known  remotely 
exploitable  vulnerabilities  and  that  200 
of  them  are  linked  to  the  Top  20  identi¬ 
fied  by  SANS  (see  graphic,  right). 

“If  a  company  searches  for  all  vulnera¬ 
bilities,  they’ll  find  thousands  and  thou¬ 
sands,”  says  Alan  Paller,  director  of 
research  at  the  SANS  lnstitute.“If  you  give 
a  report  with  10,000  or  20,000  vulnerabili¬ 
ties  to  the  systems  staff,  they  don’t  know 
where  to  start, and  they  know  they’ll  never 
get  them  all  done.” 

The  Top  20  list,  which  does  not  rank  the 


vulnerabilities,  is  actually  two  lists  divided 
into  the  Unix  and  Windows  platforms.The 
vulnerabilities  are  not  necessarily  within 
those  operating  systems  or  their  variants, 
but  can  reside  in  software  that  runs  on 
those  platforms. 

For  example,  the  Windows  list  calls  out 
Web  servers  and  services,  including 
Microsoft’s  Internet  Information  Server, 
Apache  and  Sun  Java  System  Web  Server. 

Eschelbeck  says  research  into  the  Top  20 
does  not  support  arguments  that  Windows 
is  any  more  or  any  less  secure  than  Linux 
or  any  other  operating  system. 

“Clearly  what  is  happening  now  [on  any 
platform]  is  dealing  with  the  sins  of  the 
past,  which  have  been  a  lack  of  quality 
and  security  in  the  software  development 
process,”  he  says. 

Eschelbeck,  who  did  extensive  research 
for  the  list,  including  evaluating  data 
gleaned  from  scans  of  six  million  comput¬ 
ers,  says  that  every  21  days  half  of  all 
Internet-facing  servers,  such  as  mail  or 
Web  servers,  are  patched  to  address  Top  20 
vulnerabilities.  For  example,  if  10,000 
machines  have  a  vulnerability,  roughly 
5,000  will  be  patched  after  21  days.  In  the 
next  21  days,  another  2,500  will  be 
patched. 

“That  is  pretty  good  actually,  but  in  con¬ 
trast,  it  takes  62  days  to  patch  vulnerabili¬ 
ties  on  half  the  vulnerable  computers 
inside  a  company’  says  Eschelbeck.  He 
says  he  hopes  that  is  cut  to  40  days  within 
the  year.H 


Bug  Patch  Alert 

Subscribe  to  our  free  newsletter. 
DocFinder:  5434  www.nwfusion.com 


Top  vulnerabilities 

Here  is  a  look  at  a  few  of  the  most  common  software  vulnerabilities, 
which  are  not  ranked  in  any  specific  order.  The  full  list  and  complete 
explanations  are  available  at  www.sans.org. 


Unix  and  Unix-based  variants 

Details 

BIND  DNS 

Due  to  the  ubiquity  and  critical  nature  of  BIND,  it 
has  been  made  the  target  of  frequent  attacks  such 
as  denial-of-service  buffer  overflows  and  cache 
poisoning. 

Version  control  systems 

Vulnerabilities  seen  in  Concurrent  Versions  System 
configured  for  remote  access. 

Open  SSL 

Multiple  vulnerabilities  exist  in  the  OpenSSL  library. 

Databases 

Databases  are  extremely  complex  applications  and 
are,  often  times,  difficult  to  correctly  configure  and 

secure. 

Kernel 

Risks  from  kernel  vulnerabilities  include  Denial  of 
service,  execution  of  arbitrary  code  with  system 
privileges,  unrestricted  access  to  the  file  system, 
or  root  level  access. 

Windows 

Details 

Web  servers  and  services 

Default  installations  of  various  HTTP  servers  and 
additional  components  for  serving  HTTP  requests 

Web  browsers 

Vulnerabilities  applicable  to  Internet  Explorer,  Mozilla, 
Firefox,  Netscape  and  Opera. 

LSAS  exposures 

Windows  Local  Security  Authority  Subsystem 
Service  contains  critical  buffer  overflow  that  if 
exploited  can  lead  to  full  system  compromise. 

Mail  client 

Outlook  and  Outlook  Express  can  successfully 
protect  users  against  viruses,  worms,  malicious 
code,  if  appropriately  configured. 

Instant  messaging 

Remotely  exploitable  vulnerabilities  in  these 
programs  are  a  growing  threat  to  the  integrity  and 
security  of  networks. 

Five  of  Wall  Street’s  most  prestigious  financial  institutions  knew  exactly  what  they  wanted  from  an  enterprise  solution.  More 
productivity,  to  keep  up  with  an  ever-changing  global  market.  And  real-time  flexibility,  to  go  from  32-  to  64-bit  applications 
without  disrupting  their  business.  They  found  both  in  the  AMD  Opteron™  processor  with  Direct  Connect  Architecture.  It 
UESa&BI  powers  the  world’s  highest  performing  x86  2-way  and  4-way  servers.  And  it  helps  speed  up  millions  of  financial  transactions 
every  day  in  trading  stations  and  server  farms.  At  AMD,  we  believe  it’s  critical  that  technology  should  migrate  on  your  terms  to  help  you 
realize  your  unique  vision.  It’s  one  of  the  reasons  why  HP,  IBM  and  Sun  offer  enterprise-class  solutions  powered  by  AMD  Opteron  processors. 
Would  you  like  to  learn  just  how  much  of  a  difference  they  can  make  to  your  company?  Go  to  www.amd.com/enterprise 
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The  information  is  there, 
but  can  you  find  it? 


Today  one  of  the  great  challenges  facing  IT  is  the 
ability  to  manage  staggering  amounts  of  information. 
Which  is  why  we  created  HP  StorageWorks  Reference 
Information  Storage  System  (RISS),  a  powerful  new 
solution  capable  of  organizing,  archiving  and  securely 
storing  information  so  it  can  be  found  and  retrieved 
quickly.  HP  RISS  reduces  the  cost  and  complexity  of 
your  network  and  ensures  when  you  have  all  your 
information  at  your  fingertips,  change  comes  easy. 
www.hp.com/info/storageworks_ilm 


S3  NetworkWorld  i 

10/18/04 

Enterprise  Applications 

www.nwfusion.com 

Open  source  products  grab  corporate  attention 


m  BY  JENNIFER  MEARS 

When  the  Internet  travel  market  began  to  kick  into  high 
gear  in  2002,  National  Leisure  Group,  which  sells  vacation 
packages  through  sites  such  as  Orbitz  and  Priceline.com, 
knew  it  had  to  step  its  services  up  a  notch.  It  embarked 
on  a  project  to  create  an  online  system  that  could  put 
together  custom  vacations  for  prospective  customers  in 
minutes. 

That  meant  writing  a  new  application  and  extending  its 
application  server  platform. 

“When  we  did  that  we  had  a  bunch  of  choices  to  make. 
We  had  already  been  using  J2EE  as  our  application  devel¬ 
opment  environment  for  other  applications  in  the  busi¬ 
ness,  but  we  had  been  a  traditional  consumer  of  commer¬ 
cial  application  servers,” says  Jamie  Cash,  director  of  tech¬ 
nical  architecture  for  NLG  in  Woburn,  Mass. 

Cash  and  his  team  looked  at  the  costs  involved  in 
expanding  their  server  farm  to  support  a  broader  BEA 
WebLogic  deployment  and  realized  the  costs  would  be  a 
definite  hurdle. 

“So  we  began  to  seek  alternatives,”  he  says.“The  alterna¬ 
tive  we  landed  on  was  [open  source  application  server] 
JBoss.” 

NLG  had  the  JBoss  platform  running  by  April  2003.  In 
the  first  year  alone,  the  savings  associated  with  using  the 
open  source  application  server  as  opposed  to  the  com¬ 
mercial  BEA  software  amounted  to  $1  million  in  avoided 
licensing  fees,  Cash  says. 

“And  we  were  able  to  scale  much  faster  in  terms  of  tech¬ 
nical  perspective  and  in  terms  of  the  business,”  he  says. 

Alternatives  beyond  Linux 

NLG  is  not  alone  in  looking  at  open  source  alternatives 
beyond  Linux.  Analysts  say  that  in  the  move  to  cut  costs 
and  drive  efficiencies,  enterprise  users  are  starting  to  get 
more  serious  about  open  source  products  such  as  Jboss; 
and  databases  such  as  MySQL  and  PostgreSQL,  the 
Apache  Web  server,  the  Samba  file  and  print  server,  and 
OpenOffice  desktop  software. 

“The  trend  is  that  organizations  are  trying  to  find  cost 
reduction  strategies  that  allow  them  to  continue  to  do 
what  they’re  doing  but  do  it  at  a  lower  cost  structure,” says 
Dan  Kusnetzky  vice  president  of  systems  software  at  IDC. 
“They  are  considering  open  source  software  where  it’s 
appropriate.  JBoss,  MySQL,  PostgreSQL  are  on  the  list  of 
things  that  people  are  looking  for!’ 

A  Forrester  Research  survey  of  140  North  American 
firms  earlier  this  year  found  that  46%  of  respondents  are 
using  open  source  software  today  and  14%  have  plans  to 
bring  open  source  into  their  data  centers  in  the  future. 
Thirty-nine  percent  of  the  companies  said  they  had  no 
plans  for  open  source  software,  citing  lack  of  skills  and 
lack  of  support  as  primary  inhibitors. 

“[Open  source  software]  has  been  a  very  active  area  of 
inquiry  for  about  a  year]’ says  John  Rymer,a  vice  presi¬ 
dent  at  Forrester  who  focuses  on  J2EE  application  servers 
such  as  JBoss.“In  other  words,  clients  are  calling  me  up 
and  asking  me, ‘Should  we  be  using  it?  Is  anybody  using 
it?  We  love  the  price.  We’d  love  to  make  greater  use  of  it. 
What  are  the  risks?’Those  kinds  of  questions.” 

The  uptick  in  interest  is  driven  in  large  part  by  the  grow- 


Ups  and  downs  of  open  source 

Corporate  users,  pleased  with  the  capabilities 
of  Linux,  are  taking  a  closer  look  at  open  source 
software  such  as  databases  and  application 
servers.  Some  things  to  consider  when  moving 
up  the  open  source  stack: 

Pros: _ _ _ _ 

Cost.  As  far  as  software  acquisition  costs  go, 
open  source  products  are  free. 

Flexibility.  Just  like  Linux,  open  source  software 
frees  companies  from  vendor  lock-in. 

Close  to  the  code.  With  open  source,  enterprise 
users  can  pinpoint  problems  in  specific  code  and 
suggest  patches  to  solve  problems. 

Growing  support.  Vendors  such  as  HP,  Red  Hat 
and  Novell  are  enhancing  support  for  open  source 
products  beyond  Linux. 

Cons: _ 

Cost.  While  acquisition  costs  are  free,  corporate 
users  must  pay  for  support  and  services,  and 
there  are  often  costs  associated  with  training  IT 
staff. 

Integration.  Today,  users  are  on  their  own  when 
it  comes  to  integrating  open  source  products  into 
legacy  infrastructure,  although  this  is  starting  to 
change  with  companies  as  varied  as  Gluecode 
and  HP  rolling  out  support  for  open  source  stacks. 

i 

Capabilities.Today’s  open  source  databases  and 
application  servers  are  technically  very  good,  but 
still  not  up  to  par  with  heavy-duty  commercial 
offerings  such  as  DB2  orWebLogic. 

Intellectual  property.  The  SCO  Group's  legal 
assault  against  Linux  should  serve  as  a  warning  shot 
for  any  company  considering  open  source.  Understand 
the  open  source  license  governing  the  product  and 
what  your  rights  and  responsibilities  are.  - 


ing  acceptance  of  Linux  within  corporate  data  centers, 
analysts  say  In  many  cases,  companies  have  become 
familiar  with  Linux,  making  them  more  amenable  to  mov¬ 
ing  up  the  stack  within  the  open  source  community 

“Companies  have  gotten  comfortable  with  Linux,  and 
they’re  scratching  their  heads  and  saying, ‘The  argument 
for  Linux  was  total  cost  of  ownership  and  skills,  and  our 
developers  like  it  and  applications  are  supporting  it,”’ says 
Pierre  Fricke.an  analyst  at  D.H.  Brown  Associates.  “Then 
they  start  thinking, ‘What  about  this  thing  called  JBoss. 
Doesn’t  it  offer  some  of  the  same  things?’ And  it  does.” 

Eyes  wide  open 

Those  that  are  bringing  open  source  software  into  their 
data  centers  need  to  do  so  with  their  eyes  open,  analysts 
say  While  the  software  itself  may  be  free,  there  are  costs 


associated  with  service  and  support,  efforts  to  bring  inter¬ 
nal  IT  staff  up  to  speed  on  the  new  technology  and  inte¬ 
gration  challenges  with  existing  infrastructure.The  bottom 
line  is  open  source  software  should  be  evaluated  in  the 
same  way  as  any  commercial  offering. 

“So  you  find  a  good  piece  of  code  that  was  produced 
by  a  project  team  and  it’s  available  for  free. You  have  to 
ask:  Will  that  project  team  continue  to  invest  in  the  pro¬ 
ject?  Is  there  any  funding  mechanism  to  ensure  that 
they’ll  be  able  to  continue  to  invest  effort?  Do  they  have  a 
road  map?  Are  they  going  in  a  direction  you  need  them 
to  go,”  Rymer  says.“If  you  were  to  buy  software  from  a 
commercial  start-up  vendor, you’d  be  asking  these  ques¬ 
tions.  You  really  need  to  ask  them  for  open  source,  too.” 

Analysts  note  that  intellectual  property  issues  could  be 
a  concern.  Linux  users  are  well  aware  of  The  SCO  Group’s 
legal  claims  that  Linux  illegally  contains  its  copyrighted 
Unix  code.  Forrester  recommends  that  corporate  cus¬ 
tomers  set  up  an  open  source  advisory  committee  made 
up  of  lawyers,  developers  and  procurement  specialists. 

Despite  the  SCO  flap,  Linux  continues  to  gain  accep¬ 
tance.  It  has  matured  into  a  mainstream  operating  system 
with  support  from  all  the  major  systems  vendors  and  an 
independent  software  vendor  community  that’s  expand¬ 
ing.  While  lack  of  Tier  1  support  had  been  a  major  hurdle 
for  Linux,  Sun,  HRIBM  and  Dell  all  now  support  the  oper¬ 
ating  system. 

Open  source  software  is  following  a  similar  path.  In 
June,  for  example,  HP  announced  that  it  was  partnering 
with  The  JBoss  Group  and  MySQL  to  provide  technical 
support  for  the  two  open  source  projects  on  its  ProLiant 
and  Integrity  servers. 

Big  vendor  backing 

The  fact  is,  customers  are  looking  for  flexibility  and  the 
ability  to  move  from  vendor  to  vendor,  says  Efrain  Rovira, 
worldwide  director  of  marketing  for  HP’s  Linux  organiza¬ 
tion.  Linux  and  open  source  software  both  provide  that. 
Rovira  says  enterprise  users  can  expect  HP  to  deepen  its 
support  for  JBoss  and  MySQL  and  extend  its  open  source 
offerings,  in  an  effort  to  respond  to  customer  demands. 

Others, such  as  Novell,  are  making  efforts  to  ease  the 
process  of  bringing  open  source  middleware  into  corpo¬ 
rate  data  centers.  In  August,  Novell  announced  it  was 
bundling  JBoss  into  its  SuSE  Linux  Enterprise  Server  9. 
Red  Hat  also  unveiled  its  Red  Hat  Application  server. 

At  LinuxWorld  in  August,  IBM  announced  it  was  con¬ 
tributing  its  Cloudscape  embedded  database  software  to 
the  open  source  Apache  Software  Foundation.  Computer 
Associates  also  announced  that  it  was  putting  its  Ingress 
database  into  the  open  source  realm. 

Rod  Smith,  vice  president  of  emerging  technologies  at 
IBM, says  enterprise  users  can  expect  to  see  IBM  step  up 
its  support  of  open  source  software.  But  he  notes  that 
there  will  remain  a  place  for  more  heavy-duty  proprietary 
offerings,  such  as  IBM’s  WebSphere  application  server  and 
DB2  database. 

“There  is  no  one  size  fits  all.  MySQL  does  some  things 
very  nicely  In  other  areas,  such  as  transactional  models 
for  high-performance  applications,  it’s  probably  not  as 
good,”  he  says.There  will  be  plenty  of  room  for  propri¬ 
etary  and  open  source  systems  for  quite  a  while.”  ■ 


It  is  one  of  the  biggest  threats  to  your  enterprise  today.  Spyware 
steals  bandwidth,  halts  productivity  and  puts  your  intellectual 
property  in  harm’s  way.  Webroot  Spy  Sweeper  Enterprise  offers 
real-time  protection  by  identifying  and  eradicating  spyware  across 
your  organization.  To  see  the  magnitude  of  the  spyware  threat,  run 
a  free  network  scan  at  www.webroot.com/crush  or  contact  us 
at  866.254.6360 
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>>  ThM*1ext  viral  intruder  lurks  ...  somewhere.  But  a  Juniper  network  is  already 
built  to  withstand  the  attack.  Juniper  Networks  delivers  the  industry’s  most 
secure  ond  sophisticated  solutions — making  your  network  impenetrable 
without  sacrificing  speed  or  reliability.  Juniper  your  net. 
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•'REALITIES 

As  VoIP  becomes  an  increasingly  mainstream  technology, 
users  provide  a  reality  check  in  terms  of  VoIP  costs,  features  and  problems. 

■  By  Joanne  Cummings 


When  VoIPmescif'0 

seemed  like  the  answer  to  every  network  execu¬ 
tive’s  prayers.  Not  only  would  it  eliminate  the 
pain  associated  with  moves,  adds  and 
changes,  but  it  also  would  provide  great 
new  features  such  as  unified  messaging 
and  lead  to  savings  by  using  the  current 
data  network. 

Today,  current  VoIP  users  say  the 
technology  is  ready  for  prime  time  and 
providing  returns,  but  it  isn’t  exactly 
network  nirvana.VoIP  can  deliver  cost 
and  support  savings,  but  there  are 
trade-offs  in  terms  of  quality,  reliabili¬ 
ty  and  ease  of  management. 

Nonetheless,  if  it’s  implemented  with 
an  eye  toward  mitigating  those  trade¬ 
offs, VoIP  can  deliver  great  benefits. 

For  the  most  part,  early  users 
moved  to  VoIP  to  cut  costs  and  clean 
up  older  telecom  infrastructures. 

“We  had  a  nice  little  mess  that  we 
affectionately  referred  to  as  our 
telecommunications  quagmire, ’’says  Bill 
Ashton,  director  of  IT  for  the  town  of 
Herndon, Va.The  town  had  seven  locations 
that  each  had  a  key  system  or  PBX,  but  the 
switches  were  from  multiple  vendors, so  trans¬ 
ferring  calls  and  supporting  voice  mail  was 
difficult  and  support  was  costly  Plus,  the 
main  location  with  the  town  offices  had 
outgrown  its  PBX,  forcing  IT  to  rely  on 
a  variety  of  stopgap  measures. 


“In  some  cases,  we  had  to  issue 


cell  phones  to  new  employees,”  Ashton  says. 

Fortunately  the  town  recently  had  put  together  a 
cable  television  franchise  agreement  with  Cox 
Communications  that  required  Cox  to  lay 
fiber  between  all  the  town’s  sites  at  cost. 
With  the  new  network  infrastructure  in 
place,  the  town  realized  it  could  move 
to  VoIP  and  solve  the  bulk  of  its  tele¬ 
com  headaches. 

The  new  VoIP  solution,  anchored 
by  Cisco  3550  and  2950  Catalyst 
switches,  not  only  lets  the  town 
communicate  seamlessly  among 
its  various  locations,  but  Ashton 
also  estimates  the  town  has  gar¬ 
nered  30%  net  savings  through 
the  use  of  unified  messaging  and 
phone  line  consolidation. 

Now  everyone  has  unified  mes¬ 
saging,  which  lets  them  receive 
voice  mail  and  e-mail  in  one 
place. “I  was  sitting  at  the  beach  a 
couple  of  weeks  ago,  and  I  got  on 
the  phone,  called  into  my  voice 
mail  box  and  had  my  email  read 
to  me, ’’Ashton  says.  Plus,  the  town 
has  consolidated  its  outbound 
calling  over  PR1  lines,  which 
lets  it  eliminate  more  than 
300  individual  phone  lines. 
Others  echo  Herndon’s 
experience.  The  Bakers¬ 
field  Californian  news¬ 
paper  moved  to  Cisco 
based  VoIP  because  it 


LLUSTR  ATIONS  BY  GIACOMO  MARCHESI 


wanted  to  upgrade  its  network  to  support 
digital  production  applications.  At  the 
same  time,  it  needed  to  replace  aging 
PBXs  that  dated  from  the  1970s. 

“We  have  two  locations,  one  with  a 
super  PBX  and  one  with  a  mini  PBX,”says 
Mark  Simons,  systems  manager  at  the 
paper. “The  cost  of  buying  two  new  PBXs 
was  almost  equal  to  the  cost  for  the 
entire  network  project  and  [VoIP]  stuff.” 
Plus,  with  the  move  to  VoIP  Simons  says 
the  company  no  longer  needed  the  one 
staff  member  dedicated  to  voice  and 
supporting  the  PBXs. 

“For  our  ROI,  we  gave  the  VoIP  setup  a 
10-year  lifetime,”  Simons  says.  “And  by 
eliminating  that  one  position,  we  paid  for 
the  entire  system  over  the  10  years.  So 
now,  any  new  savings  we  get  from  new 
applications  or  whatever  is  all  bonus 
money  on  top.” 

One  bonus  came  when  the  paper  had 
to  temporarily  relocate  its  newsroom  staff 
while  its  offices  were  being  refurbished. 
“We  chose  a  location  to  move  into,  and 
we  hooked  up  twoT-1  lines  from  the  main 
office  to  the  new  location,”  Simons  says. 
“Then  all  they  had  to  do  was  take  their 
phone  from  here,  take  it  out  there  and 
plug  it  in.They  had  the  same  phone  num¬ 
ber,  features  and  everything  as  if  they 
were  sitting  in  this  building. 

“We  figured  the  savings  we ’re  going  to 
get  from  moving  out  there  and  back  is 
probably  $30,000  to  $40,000  alone,”  he 
says. 

More  than  cost  savings 

While  VoIP  can  be  a  great  cost  saver,  the 
icing  on  the  cake  is  the  new  features  it 
enables.  Herndon  implemented  an 
Amber  Alert  system  using  VoIP  that  effec¬ 
tively  brings  every  town  employee  into 
the  loop  when  a  child  is  missing  in  the 
area.  The  application  works  with  the 
Cisco  switch  to  push  out  alerts  to  the 
VoIP  phones. 

“I  have  five  to  six  times  the  amount  of 
[town  employees]  on  the  streets  on  a 
given  day  than  I  do  police  officers, ’’Ashton 
says.’And  now  I  can  arm  them  with  infor¬ 
mation  that  might  help  a  child  in  jeop¬ 
ardy  and  I  can  do  this  at  little  to  no  cost.” 

Others  are  even  more  ambitious.  Wor¬ 
cester  Polytechnic  Institute  (WPI),a  tech¬ 
nical  university  in  Massachusetts,  is  beta¬ 
testing  Nortel’s  Succession  4.0  VoIP  soft¬ 
ware  running  on  a  Multimedia  Commu¬ 
nications  Server  5 100.  It’s  looking  to  VoIP 
to  support  student-teacher  collaboration 
while  students  are  completing  course- 


related  projects  around  the  world  in  sites 
such  as  Namibia, Thailand  and  London. 

“Now  we  send  the  students  out  to  the 
various  project  centers  with  laptops  and 
cell  phones  tuned  up  with  SIM  cards  for 
the  country  they’re  going  to,”  says  Tom 
Lynch,  vice  president  for  IT  and  CIO  at  the 
school. “But  we’re  looking  for  better  con¬ 
nectivity  at  the  project  centers,  and  this  is 
a  way  If  we  could  load  VoIP  softphones 
onto  the  laptops  they  could  have  much 
better  connectivity  back  to  campus.” 

The  setup  would  also  provide  video- 
based  collaboration  for  the  students  and 
their  professors  back  in  Worcester.  “The 
professors  are  very  interested  in  this 
because  it  would  let  them  keep  in  con¬ 
tact  when  they  send  students  out  to  the 
centers,”  says  Sean  O’Connor,  director  of 
network  operations  and  security.  “They 
could  speak  face  to  face,  instead  of 
being  on  e-mail  and  typing  back  and 
forth.  It’s  more  efficient.” 

The  quality  caveat 

The  one  catch  for  WPI  is  the  quality  of 
voice  over  the  Internet,  especially  in  these 
remote  locations.  VoIP  unlike  traditional 
data  applications,  requires  consistent 
QoS.“We  have  a  very  high-quality  network 
on  campus,”  says  A1  Johannesen,  director 
of  internetworking  and  telecommunica¬ 
tions  at  the  school.“But  where  these  peo¬ 
ple  are  going  we’re  piggybacking  on  net¬ 
works  in  the  area, so  it  needs  to  be  deter¬ 
mined  how  well  it  will  work.” 

The  tests  so  far  have  been  encourag¬ 
ing.  O’Connor  has  used  a  softphone  on 
his  laptop  from  his  home  a  few  miles 
from  campus  via  a  VPN  connection  and 
the  quality  has  been  fine.  And  he  has 
used  a  similar  setup  to  speak  with  Nortel 
representatives  in  Quebec.  “I  thought 


there  would  be  delay  but  there’s  not,”  he 
says.“lt  works  great.” 

Still,  WPI  has  seen  first-hand  the  effects 
of  a  sub-optimal  VoIP  network.  The 
school  needed  to  support  an  affiliated 
high  school,  the  Massachusetts  Academy 
of  Mathematics  and  Science,  when  the 
school  moved  off-campus  and  decided 
to  use  the  VoIP  beta.  While  they  waited 
for  fiber  to  be  run  between  the  campus 
and  the  new  site,  the  school  used  VoIP 
over  a  point-to-point  microwave  link  and 
received  complaints  about  the  phone 
service.  Basically  the  microwave  link 
wasn’t  reliable  enough  to  support  the 
VoIP  traffic. 

“This  is  New  England,  and  weather  is 
weather” O’Connor  says.'And  when  you’re 
using  microwave  and  you  have  a  white- 
out  in  a  snowstorm,  you  usually  end  up 
having  some  sort  of  issue.  Data  worked 
fine  over  it,  but  the  phone  had  problems.” 

Still, VoIP  made  the  whole  move  easier 
and  less  expensive  than  would  have 
been  possible  with  a  traditional  system. 
The  school  had  to  bring  its  Internet 
access  to  the  new  site  anyway,  and  it 
simply  installed  a  Nortel  9150  IP  exten¬ 
sion  shelf  to  the  campus  network  as  part 
of  the  process,  O’Connor  says.“We  didn’t 
have  to  pay  for  20  or  40  phone  lines  into 
the  new  building.” 

Another  problem  with  VoIP  is  that  few 
operations  have  engineered  their  data 
networks  to  provide  the  power  neces¬ 
sary  to  keep  VoIP  phones  running  when 
the  power  goes  out.  WPI  has  set  up  its 
network  to  ensure  between  one  and  two 
hours  of  battery  backup  throughout.“But 
if  there’s  an  emergency  and  the  power 
goes  out,  people  tend  to  pick  up  the 
phone  and  ask  for  help,”  O’Connor  says. 
“But  how  can  you  say  they  won’t  have  a 


Webcast: 

VoIP:  From  hype  to  reality 


m 
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VoIP  is  revolutionizing  enterprise  networks,  cut¬ 
ting  costs,  enabling  new  applications  and  is 
expected  to  grow  to  more  than  $15  billion  in  the 
next  few  years.  In  short,  VoIP  is  reshaping  the 
telecom  industry.  Many  companies  are  capitalizing 
on  pricing  structures  and  integrating  services 
with  other  WAN  offerings  —  is  yours  one  of 
them?Tune  in  to  this  valuable  webcast  and  learn 
how  the  VoIP  market  is  shaping  up,  where  the  big 
opportunities  are,  what  the  new  services  are  and 
what  features  and  applications  will  drive  adoption. 


Watch  it  now:  www.itworld.com/futurevoip 


A  VoIP 

reality  check 

Long-time  VoIP  users  weigh 
the  benefits  and  problems 


Pros 


•  Inexpensive  to  implement,  run  and  maintain  vs.  traditional  phone  networks. 

•  Supports  key  productivity  applications  such  as  Caller  ID  and  unified  messaging. 

•  Handles  new  applications,  such  as  Internet  collaboration  and  CRM  and  makes  it 
easierto  support  speciality  applications  such  as  Amber  alerts. 


Cons 


•  Requires  good  quality  of  service  configuration  and  strong  network  architectures. 

•  Presents  power  backup  quandaries. 

•Analog  lines  are  still  required  in  many  cases  for  faxes,  as  well  as  legal  and  emergency 
reasons. 

•Voice  communications  is  only  as  secure  as  your  overall  network. 


phone  in  two  hours?” 

Others  are  less  worried.  Michael  Lira, 
director  of  MIS  at  Capitol  Technologies,  a 
machine  tool  builder  in  South  Bend, 
Ind.,  has  used  AT&T’s  Managed  IP 
Telephony  Services  for  VoIP  for  three 
years.  The  setup  has  been  hit  by  occa¬ 
sional  minor  power  outages,  but  Lira 
says  he’s  comfortable  with  the  risk. 

“We  engineer  parts  to  order,  so  we  take 
on  jobs  that  are  generally  longer  term,” 
he  says.“A  day  down  is  not  going  to  total¬ 
ly  kill  us.” 

In  fact,  the  company  lost  power  for 
three  days  after  a  recent  tornado  and 
phone  service  was  affected.  The  com¬ 
pany  ran  on  battery  backup  for  as  long 
as  it  could  and  then  simply  waited  for 
power  to  be  restored.  “That  was  the 
longest  outage,”  Lira  says.  “Other  than 
that,  I  can’t  recall  it  being  more  than  a 
minute  of  downtime.” 

Most  users  say  they  keep  some  analog 
lines  available  or  rely  on  cell  phones  for 
backup,  all  of  which  means  that  virtually 
no  organization  will  move  to  a  100%  VoIP 
network,  observers  say 

Analog  never  goes  away 

WPI  has  decided  that  after  the  beta  is 
over,  it  will  implement  a  hybrid  system 
that  keeps  some  traditional  analog  lines 
in  place,  just  in  case  of  such  an  emer¬ 
gency 

“We’ll  never  roll  out  VoIP  for  emer¬ 
gency  phones,”  O’Connor  says.  “With  IP 
phones,  there  are  things  like  power  that 
can  go  wrong.  Our  labs  will  always 
remain  on  analog  lines,  and  our  emer¬ 
gency  phones  outside  for  the  campus 
police  will  always  be  analog.” 

O’Connor  also  says  some  analog  lines 
are  mandated  by  law.“You  have  to  bring 
a  separate  analog  line  in  to  link  up  with 
the  fire  department  in  each  residence 
hall,  and  that's  a  law  in  Massachusetts,” 
he  says. “People  at  first  might  think  they 
can  get  rid  of  their  analog  lines,  but  the 
IP  phone  won’t  suffice. You  will  still  need 
analog  lines  at  some  level.” 

Others  find  they  require  analog  for  fax 
and  other  applications  because  digital- 
to-analog  converters  are  not  up  to  snuff. 

“We  had  to  give  things  like  fire  alarms, 
modems  and  faxes  their  own  phone 
lines, so  we  ended  up  keeping  24  analog 
lines  after  we  moved  to  VoIP,”  Simons 
says.  “We  bought  a  digital-to-analog  con¬ 
verter  with  the  Cisco  system,  which 
should  have  let  us  get  analog  lines  out  of 
the  Cisco  switch,  but  we  found  it  doesn’t 


work  that  great.  I  think  over  time  Cisco 
will  make  its  digital-to-analog  conversion 
stuff  work  better,  where  it’s  not  quite  as 
troublesome  to  manage.  But  until  then 
we’re  keeping  our  analog  lines.” 

Security  not  a  worry 

Another  broad  industry  concern  with 
VoIP  is  security  although  most  users  say 
it  isn’t  a  big  concern.  The  consensus  is 
that  as  long  as  you  follow  established 
network  security  practices,  install  strong 
firewalls  and  split  the  voice  traffic  into 
separate  virtual  LANs  (VLAN),  your  VoIP 
systems  will  be  safe. 

“I  don’t  see  security  as  a  problem,” 
Simons  says.  “Our  [Cisco]  CallManagers 
are  all  password-protected,  so  nobody 
can  just  log  in  and  start  making  changes 
to  phones.  We  have  a  good  firewall  in 
place,  and  our  network  is  split  into  a 
bunch  of  VLANs,  with  the  voice  on  its 
own  VLAN.  I  don’t  worry  about  it.” 

WPI  also  uses  a  separate  VLAN  to  pro¬ 
tect  its  VoIP  traffic  and  says  the  setup 
worked  well  when  a  virus  hit  the  school’s 
network  recently 

“We  contained  the  virus  pretty  fast,  but 
it  didn’t  affect  the  phones  at  all  because 
there’s  a  certain  amount  of  bandwidth 
partitioned  off  just  for  that  phone  sys¬ 
tem,  and  nothing  else  is  going  to  go  over 
it,”  O’Connor  says.  “It’s  not  a  separate 
physical  wire  plant,  but  it’s  separate  at 
the  logical  level  and  it  works.” 


Overall,  VoIP  users  say  they  are  happy 
with  the  technology  and  find  it  is  a  cost- 
effective,  feature-rich  alternative  to  tradi¬ 
tional  phone  systems.  And  it’s  no  longer 
a  “bleeding  edge”  technology  that  peo¬ 
ple  need  to  wait  out. 

“It’s  like  when  a  new  version  of 
Windows  comes  out;  everybody  waits 
for  the  first  service  pack  before  they 
actually  go  in  and  install  it,”  Simons  says. 
“It’s  been  like  that  for  [VoIP], but  people 
shouldn’t  wait  anymore.  It’s  stable  now, 
and  it’s  only  going  to  get  better.” 

Ashton  of  Herndon,  Va.,  agrees.  “My 
organization  is  not  that  large,  and  I  don’t 
have  the  luxury  of  getting  out  on  the 
leading  edge,”  he  says.  “I  can’t  make 
$600,000  mistakes.  But  VoIP  is  beyond 
the  leading  edge,  and  it’s  starting  to 
mainstream.We’re  on  the  front  end  of  the 
mainstream,  but  that’s  where  I  like  my 
organization  to  be.” 

Cummings  is  a  freelance  writer  in  North 
Andover,  Mass.  She  can  be  reached  at 
jocummings@comcast.  net. 

More  online! 

Find  a  list  of  Network 
World's  recent  Perspec¬ 
tives  on  topics  from 
security  to  convergence. 
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QWEST®  WAS  MADE  FOR  VoIP.  NOT  MADE  OVER  FOR  VoIP. 


It’s  not  a  boast.  Or  an  empty  claim.  It’s  a  simple  statement  of  fact.  Because  it  takes 
two  things  to  carry  Voice  over  an  Internet  Protocol:  Expertise  in  telephony.  And  expertise 
in  broadband.  Not  coincidentally,  Qwest  was  formed  when  one  of  the  leading  phone 
companies  merged  with  a  leading  broadband  provider.  So  while  others  say  they  can  make 
VoIP  happen,  we  can  actually  say  that  we  made  our  company  to  make  VoIP  happen. 


For  more  information  call  1  800-506-0663  or  contact  your  Qwest  representative. 


Qwest 


Spirit  of  Service' 
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Currently  available  to  business  customers  in  limited  areas  with  new  locations  being  added.  Please  call  for  availability  and  for  complete  details  and  restrictions. 
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Equant  expands  VPN  access  services 


■  BY  DENISE  PAPPALARDO 


Equant  is  offering  customers  new  choic¬ 
es  when  it  comes  to  accessing  their  VPN 
from  around  the  world  whether  they  are 
tethered  or  not. 

The  company  recently  announced  its 
Adaptive  VPN  strategy  promoting  the  carri¬ 
er’s  ability  to  support  a  variety  of  hybrid 
VPN  networks  that  couple  legacy  and  new 
network  technologies  such  as  frame  relay 
and  Multi-protocol  Label  Switching 


■  Level  3  Communications 


announced  last  week  that  it  has 
signed  a  five-year,  $337  million  deal  to 
provide  Northrop  Grumman  with  IP 
VPN  services.  This  deal  stems  from 
a  contract  that  Northrop  Grumman 
signed  with  the  U.S.  Department  of 
Homeland  Security  earlier  this  year.  In 
that  deal  DHS  required  Northrop 
Grumman  to  team  with  a  network 
service  provider  that  could  support 
secure  data  networking,  Based  on  its 
contract  with  Level  3,  Northrop  Grum¬ 
man  will  be  using  the  carrier’s  (3)Flex 
Network  IP  VPN  Multi-protocol  Label 
Switching  service.  The  fully  meshed 
offering  lets  users  establish  end-to- 
end  customer-controlled  traffic  priori¬ 
tization.  Northrop  Grumman  and  DHS 
will  be  using  the  service  to  transmit 
classified  data  among  headquarters, 
agencies  and  field  offices. 

■  Qwest  last  week  announced  a  net¬ 
work-hosted  call  center  designed  to 
reduce  IT  staffing  and  equipment 
maintenance  costs  by  up  to  50%. 
Called  Q  Routing,  the  virtual  call 
center  manages  inbound,  outbound, 
e-mail  and  Web-based  transactions. 

It  works  with  Centrex,  PBX,  analog, 
ISDN,  plain  old  telephone  service,  cel¬ 
lular,  VoIP  and  PC  desktop  phones. 

0  Routing  enables  call  center  agents 
to  work  in  remote  and  multiple  loca¬ 
tions.  0  Routing  also  offers  disaster- 
recovery  services,  as  well  as  interac¬ 
tive  voice  response  service  through 
Qwest  Web  Contact  Center. 


(MPLS)  services. 

Equant  is  readying  a  service  it  calls 
Frame  Relay  VPN  Bridge  that  speaks  di¬ 
rectly  to  its  Adaptive  VPN  plan. The  service 
will  allow  frame  customers  to  dedicate  a 
permanent  virtual  circuit  (PVC)  to 
Equant’s  MPLS  network.  This  PVC  will  let 
frame  relay  and  IP  VPN  MPLS  sites  com¬ 
municate  and  exchange  traffic  as  if  they 
were  on  the  same  network,  says  Christophe 
Masiero,head  of  VPN  services  at  Equant. 

While  its  Adaptive  VPN  strategy  is  primar¬ 
ily  a  concept,  or  marketing  plan,  the  carrier 
is  expanding  the  geographic  reach  of  a 
variety  of  access  technologies  that  will 
make  it  easier  for  users  to  access  their 
VPNs  globally 

Equant  is  expanding  the  reach  of  its 
optical  Ethernet  service,  DSL,  Wi-Fi  and 
mobile  wireless  access  to  its  VPN  offerings 
throughout  the  150  countries  where  the 
company  offers  data  services,  Masiero 
says. 

The  carrier  plans  to  roll  out  next-genera¬ 
tion  optical  Ethernet  services  by  year-end, 
he  adds.  Until  now  Equant  has  offered 


packet  over  SONET  services  allowing  users 
to  connect  to  its  backbone  using  Ethernet. 

The  company  says  it  also  is  adding  Wi-Fi 
hot  spots  to  its  network  of  access  points, 
but  Masiero  did  not  say  exactly  how  many 
would  be  added.  The  company  has  roam¬ 
ing  agreements  with  a  variety  of  Wi-Fi  ser¬ 
vice  providers,  including  Airpath,  Pronto 
Networks  and  Wayport. 

Equant  offers  VPN  access  from  6,507  Wi¬ 
Fi  hot  spots  and  677  wired  Ethernet  loca¬ 
tions  covering  35  countries. 

The  carrier  is  offering  General  Packet 
Radio  Service  access  to  its  VPN  services  in 
eight  countries  outside  the  U.S.  through  its 
relationship  with  international  wireless  ser¬ 
vice  provider  Orange.  Orange  and  Equant 
are  subsidiaries  of  France  Telecom. 

Masiero  says  Equant  will  offer  mobile 
wireless  VPN  access  to  customers  in  the 
U.S.  by  year-end,  but  would  not  say  which 
domestic  carrier  Equant  is  teaming  with  to 
support  the  mobile  service. 

Mobile  wireless  access  will  offer  business 
users  another  option  to  access  their  VPNs 
from  anywhere  the  service  is  available.  He 
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also  says  the  carrier  is  in  the  process  of 
developing  3G  wireless  service  access  to  its 
VPN  offerings. 

The  service  provider  also  is  planning  to 
expand  the  reach  of  its  DSL  services  to  50 
countries,  offering  users  three  levels  of 
service.  ■ 


Sprint  gussying  up  security  offerings 


■  BY  DENISE  PAPPALARDO 

Sprint  last  week  launched  two  security 
services  that  it  says  will  help  customers  mit¬ 
igate  distributed  denial-of-service  attacks 
and  better  enforce  security  policies. 

The  offerings  include  Sprints  IP  De¬ 
fender  and  Secure  Content  Management 
and  Filtering  services.  They  are  designed 
to  keep  customer  networks  safer  by  using 
tools  that  proactively  thwart  distributed 
DoS  attacks  and  dedicate  a  network 
appliance  designed  to  enforce  a  cus¬ 
tomer’s  security  policy,  respectively,  the 
company  says. 

Sprint’s  IP  Defender  service  is  the  latest 
anti-distributed-DoS  offering  from  a  carrier 
that  proactively  detects  attacks  and  then 
puts  mitigation  efforts  into  effect.  Sprint  has 
deployed  Arbor  Networks’  PeakFlow,  which 
detects  network-behavior  anomalies,  in  its 
network  and  Cisco  Mitigation  devices  at 
customer  sites. 

“The  Arbor  piece  provides  the  24/7  mon¬ 
itoring  and  the  Cisco  element  lets  us  divert 
and  mitigate  traffic  to  a  black  hole  or 
another  port,"  says  John  Pardun,  security 
solutions  manager  at  Sprint. 


PeakFlow  monitors  networks  and  detects 
if  there  has  been  a  drastic  change  in  traffic 
heading  toward  a  specific  customer,  which 
is  a  telltale  sign  of  an  attack.  Sprint  then 
uses  the  Cisco  devices  to  immediately 
make  changes  to  a  customer’s  network  to 
try  and  stop  the  attack.The  guidelines  as  to 
when  and  how  Sprint  reacts  are  outlined 
with  the  customer  when  Sprint  sets  up  the 
service. 

One  industry  watcher  says  the  Sprint 
move  makes  sense. 

“This  announcement  is  most  important 
to  Sprint  customers,”  says  Kelly  Kavanagh, 
senior  analyst  at  Gartner.  The  service  is 
attractive  to  customers  that  want  to  in¬ 
crease  network  uptime  and  avoid  DoS 
attacks  as  much  as  possible,  he  says. 

Late  last  year  the  carrier  said  it  would 
beef  up  its  anti-distributed-DoS  efforts  with 
monitoring  and  mitigation  services.  Sprint 
has  a  network-based  system  that  uses  state¬ 
ful  inspection  in  its  edge  routers  to  exam¬ 
ine  traffic  for  all  IP  customers.  But  its  IP 
Defender  is  an  add-on  service  for  which 
the  carrier  charges  an  additional  fee. 

Sprint  is  not  alone  in  offering  proactive 
services  or  charging  for  them.  AT&T  first 


announced  its  Internet  Protect  distributed- 
DOS  monitoring  and  mitigation  service  in 
March  and  then  added  a  proactive  mitiga¬ 
tion  feature  in  June. 

MCI  also  offers  distributed  DoS  monitor¬ 
ing  and  mitigation  service,  but  MCI  has  yet 
to  provide  a  proactive  mitigation  feature. 

As  part  of  its  DoS  response  service-level 
agreement  (SLA),  the  carrier  guarantees  it 
will  respond  to  DoS  attacks  directed  at  any 
of  its  IP  customers  within  15  minutes  of 
when  a  user  calls  MCI  and  the  carrier 
issues  a  trouble  ticket. 

Sprint  also  is  offering  a  standard  SLA 
with  its  IP  Defender  service  that  covers 
notification  and  mitigation.  The  carrier 
guarantees  it  will  notify  a  customer  within 
15  minutes  of  a  possible  DoS  attack. 

Customers  can  set  up  a  policy  that  allows 
Sprint  to  initiate  mitigation  immediately, 
but  for  those  that  want  to  first  grant 
approval,  the  carrier  guarantees  it  will  initi¬ 
ate  mitigation  within  15  minutes  of 
that  approval. 

Sprint’s  IP  Defender  service  is  available 
in  two  versions:  one  monitors  multiple  cus¬ 
tomer  networks  using  one  PeakFlow 

See  Sprint,  page  SO 
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I’ve  written  extensively  about  the  fact 
that  the  U.S.is  losing  competitiveness  in 
science  and  technology  because  of  a 
lack  of  focused  public  investment  in  cut¬ 
ting-edge  research.  Universities  and  gradu¬ 
ate  institutes  have  noted  the  impact  for 
years.  Now  elementary  schools,  secondary 
schools  and  public  libraries  are  feeling 
the  pain. 

You’ll  recall  that  in  1997, as  a  corollary  to 
the  Telecommunications  Act  of  1996,  the 
FCC  implemented  a  revised  universal  ser¬ 
vice  provision  (USP)  that  essentially  sub¬ 
sidizes  Internet-related  services  to  ele¬ 
mentary  and  secondary  schools  and  pub¬ 
lic  libraries.The  USP  order  created  a  new 


quasi-governmental  agency  called  the 
Universal  Service  Administrative  Com¬ 
pany  (USAC),  which  collects  money  from 
infrastructure-based  telcos  (roughly  9%  of 
telecom  revenue)  and  distributes  it  to 
schools  and  libraries.  USAC  has  dissemi¬ 
nated  more  than  $11  billion  in  so-called 
“e-rate”  funds  since  1997. 

Then  and  now,  I  think  the  structure  was 
dumb.  1  fully  support  providing  low-cost 
Internet  access  to  schools  and  libraries. 
But  this  structure  imposes  a  hidden  tax, 
and  a  biased  one  at  that  (it’s  another 
example  of  the  tilted  playing  field  against 
infrastructure-based  telcos  that  I  men¬ 
tioned  in  my  last  column). 

More  to  the  point,  it  creates  an  enor¬ 
mous  bureaucratic  mess:  Instead  of  pay¬ 
ing  the  schools  directly,  we’re  paying  tel¬ 
cos  to  pay  the  government  to  pay  the 
schools  —  and  the  collection  and  distri¬ 
bution  is  handled  by  a  shadowy  agency 
with  no  clear  oversight.  It’s  no  surprise 


that  over  the  past  six  years  numerous 
questions  have  been  raised  about  the 
management  and  administration  of  this 
$11  billion.  Handling  USP  in  this  fashion 
is  shortsighted  and  stupid. 

It  seems  the  federal  government  finally 
agrees.  But  in  typical  bureaucratic  fashion, 
the  cure  is  worse  than  the  disease. 

On  Aug.  16,  the  FCC  notified  the  USAC 
that  it  was  drastically  tightening  up 
accountability  standards  for  e-rate  funding. 
In  particular,  the  FCC  required  the  USAC  to 
have  the  money  in  hand  before  promising 
it  to  schools  —  a  180-degree  reversal  of  the 
way  the  USAC  had  been  operating  for  the 
past  six  years,  during  which  the  USAC 
would  promise  funding  based  on  esti¬ 
mated  future  contributions  by  telcos. 

The  USAC  responded  Aug.  19  by  inform¬ 
ing  thousands  of  schools  and  libraries 
that  it  could  no  longer  promise  funding 
for  fiscal  year  2004,  which  started  in  July. 

The  upshot  is  that  schools  and  libraries 


are  now  drastically  reducing  services 
because  they’re  unexpectedly  not  getting 
the  funding  they  were  promised.The  USAC 
blames  the  FCC.The  FCC  blames  the  USAC. 
Congress  blames  everybody  In  the  middle 
of  all  this  finger-pointing,  Johnny  and  Janie 
Schoolchildren  are  left  staring  at  screens 
that  have  suddenly  gone  dark. 

This  is  nuts.  Of  course  the  e-rate  program 
needs  a  thorough  overhaul.  By  all  ac¬ 
counts  it’s  a  mess,  and  as  noted,  it  was 
never  such  a  hot  idea  in  the  first  place.  But 
abruptly  shutting  off  funds  at  the  start  of 
the  school  year  is  even  worse.  If  this  kind 
of  federal  flailing  and  flip-flopping  is  how 
we’re  planning  to  handle  our  investments 
in  science  and  technology,  we  have  a 
problem. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Edge  routers  enhanced  to  support  new  services 


■  BY  JIM  DUFFY 

Two  router  vendors  last  week  announced 
enhancements  to  their  edge  offerings  that 
they  say  will  address  new  markets  and 
improve  broadband  service  delivery 

Juniper  Networks  unveiled  hardware  and 
software  for  its  E-series  routers  that  the 
company  says  lets  service  providers  de¬ 
ploy  more  sophisticated  broadband  ser¬ 
vices  with  increased  levels  of  performance, 
reliability  and  scale.  Laurel  Networks  rolled 


Seeking  an  edge 

Enhancements  to  Juniper’s 

E-Series  routers: 

•  Support  for  stateful  Switch  Route 
Processor  switch-over. 

•  A  Gigabit  Ethernet  combo  card  that 
integrates  tunnel  serverfunctionality  with 
a  higher-density,  two-port  line  card. 

•  Interoperability  with  the  Siemens  dual 
stack  IPv4/IPv6  PPPoE  tango  Access 
broadband  client  software  for  Windows. 

•  Ability  to  monitor  DHCP  traffic  between 
external  DHCP  servers  and  client 
subscribers. 


•  An  eight-port  FX  Fast  Ethernet  Input 
Output  Adapter  supports  fiber-based 
100M  bit/sec  Ethernet  services. 


_ 


out  line  cards  for  its  low-end  ST50  platform 
designed  to  optimize  delivery  of  VoIP  and 
IP  VPN  services  over  DSL  and  T-l/E-1  cir¬ 
cuits. 

Juniper’s  enhancements  are  targeted  at 
service  providers  looking  to  offer  triple¬ 
play  —  integrated  voice,  data  and  video  — 
services  over  broadband  IP  infrastructures. 
The  E-series  extensions  include  support  for 
stateful  Switch  Route  Processor  switch-over 
in  the  router’s  Junose  operating  system.This 
is  designed  to  ensure  high  availability  of 
Point-to-Pbint  Protocol  (PPP)  and  Dynamic 
Host  Configuration  Protocol  (DHCP)  appli¬ 
cations,  and  maintain  all  subscriber  ses¬ 
sions  and  services  during  failure. 

Another  extension  is  interoperability  with 
Siemens’  dual  stack  IPv4/IPv6  broadband 
client  software  for  Windows.  This  helps  ser¬ 
vice  providers  begin  deploying  IPv6-based 
video-on-demand,  IP  television,  videocon¬ 
ferencing,  voice  and  video  telephony  ser¬ 
vices.  Siemens  is  a  Juniper  reseller. 

Another  software  enhancement  is  the 
ability  to  monitor  DHCP  traffic  between  ex¬ 
ternal  DHCP  servers  and  client  subscribers. 

On  the  hardware  side,  Juniper  unveiled  a 
Gigabit  Ethernet  “combo  card”  for  the 
E-series.  This  card  integrates  physical 
Gigabit  Ethernet  termination  and  tunnel 
server  features  in  a  single  line-card  slot.  It 
also  doubles  Gigabit  Ethernet  port  density 
to  two  ports,  while  lowering  the  per-port 
cost  of  the  ERX-1440  and  ERX-310  plat¬ 
forms,  Juniper  says.  The  cards  cost  about 
$48,000  each. 

Another  hardware  enhancement  for  the 
E-series  is  an  eight-port  FX  Fast  Ethernet 
Input  Output  Adapter  (IOA).This  addition 
supports  fiber-based  100M  bit/sec  Ethernet 
services  for  the  ERX  platform. 

Both  the  FX  10A  and  the  combo  card  use 
a  range  of  small  form-factor  pluggable 


transceivers  to  support  different  optical 
modes  and  cabling  distances. 

Hardware  was  the  sole  component  of 
Laurel’s  ST50  router  enhancements  as  the 
vendor  unveiled  three  so-called  “miniPHY” 
physical  interface  access  cards  for  the 
router.  An  eight-port  channelized  T-l/E-1 
card  provides  NxDS-0, T-l/E-1  and  NxT-l/E-1 
interfaces  with  frame  relay  and  PPP  encap¬ 
sulations,  and  integrated  support  for  low- 
jitter,  low-latency  VoIP  transport. 

A  four-port,  dear-channel  DS-3  card  sup¬ 
ports  direct  termination  of  ATM-based  DSL 
access  multiplexers  (DSLAM)  for  delivery 
of  commercial  and  residential  VoIP  video, 


Sprint 

continued  from  page  29 

device,  and  another  that  lets  customers 
dedicate  PeakFlow  devices  to  monitor  only 
their  networks.The  carrier  says  its  standard 
offering  is  priced  based  on  port  size,  mean¬ 
ing  all  T-l  customers  would  pay  the  same 
fee.The  carrier  would  not  reveal  prices. 

Sprint  launched  its  Secure  Content  Man¬ 
agement  and  Filtering  service  last  week. 

It  is  deploying  and  managing  Network 
Appliance’s  NetCache  device  at  customer 


Security  concerns 


IP  VPN  and  Internet  services  over  DSL.  And 
an  eight-port  10/100M  bit/sec  TX  Ethernet 
card  supports  metropolitan  Ethernet  ser¬ 
vices  such  as  virtual  private  LAN  service 
and  IP  DSLAM  termination  with  QoS  for 
VoIP  video,  IP  VPNs  and  Internet  services. 

The  cards  are  expected  to  be  available  in 
January  Laurel  did  not  disclose  pricing. 

Juniper’s  combo  and  FX  IOA  cards  cost 
$48,000  apiece.  The  software  enhance¬ 
ments  are  included  in  the  price  of  an  E- 
series  router,  which  is  dependent  on  con¬ 
figuration  but  typically  runs  between 
$100,000  and  $150,000,  according  to 
Juniper.  ■ 


sites  to  support  this  service.  “We’re  using  a 
platform  that  provides  filtering  and  also 
uses  Web  caching  and  bandwidth  opti¬ 
mization,”  Pardun  says. 

With  this  device  users  can  set  and  enforce 
security  policies  such  as  access  controls, 
authentication,  Web  filtering  and  blocking 
potentially  malicious  code  while  using  Web 
caching  for  better  bandwidth  optimization. 

Sprint  is  offering  its  Secure  Content 
Management  and  Filtering  service  to  Sprint 
IP  customers  and  others  using  dedicated 
IP  services  from  another  carrier.  ■ 


According  to  the  2004  E-Crime  Watch  survey  of  500  respondents: 

•  43%  report  an  increase  in  electronic  crimes  and  ’Net  intrusions  over  2003. 

•  51%  have  a  formal  process  in  place  to  track  e-crime  attempts. 

•  30%  do  not  know  if  the  attacks  are  coming  from  inside  or  outside  their  organizations. 

•  Of  those  that  do  know,  71%  see  attacks  coming  from  outside  and  29%  from  inside. 

•  40%  say  hackers  pose  the  greatest  cybersecurity  threat. 

SOURCE:  SURVEY  CONDUCTED  BY  CSO  MAGAZINE. THE  U  S.  SECRET  SERVICE  AND  THE  CERT  COORDINATION  CENTER. 


Imagine  I.T.  that’s  flexible  enough  to  help  you  reach  your  business  goals  quickly  and  efficiently.  The  SAP  NetWeaver”  platform  speeds  integration 
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Patch  management  goes  automatic 


HOW  IT  WORKS 


as 

Administrator 


Automated  patch  management 

This  automated  patch-management  system  uses  an 
agent-based  architecture  to  inspect  hosts  for 
vulnerabilities  and  apply  the  appropriate  fix. 
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Network  endpoint 
with  agent  installed 


O  Subscription  service  updates  server  catalog  with  newly  available  patches  over  the  Internet. 

©  Patch-management  server  notifies  administrator  that  a  new  critical  patch  is  available. 

©  Administrator  schedules  patch  for  deployment  via  server. 

©  Agent  queries  server  for  instructions,  including  new  deployments.  Agent  requests,  downloads  and  installs  patch 
scheduled  by  administrator.  Agent  reports  the  status  of  the  installation  back  to  the  patch-management  server. 


■  BY  CHRIS  ANDREW 

Staying  current  with  vendor  security 
alerts,  assessing  the  risk  that  these  vulnera¬ 
bilities  pose  to  your  business  and  testing 
and  applying  software  patches  to  close 
these  holes  are  onerous  tasks  that  can  con¬ 
sume  most  of  an  IT  professional’s  workday 

An  automated  patch-management  sys¬ 
tem  provides  more  effective  security  by 
tracking  machines  that  need  patches  and 
applying  required  patches  and  updates 
throughout  a  corporation. 

Automated  patch-management  software 
offers  a  solution  for  aggregating,  and  dis¬ 
tributing  and  installing  patches  and  soft¬ 
ware  updates  for  multiple  computing  plat- 
forms.The  core  functions  of  the  system  are 
an  accurate  patch  management  detection 
and  inventory  process,  and  automatic 
patch  deployment  across  platforms. 

In  distributed  corporate  environments,  a 
detailed  inventory  of  system  components 
is  essential,  especially  the  software  that 
runs  those  systems.  Third-party  patch  man¬ 
agement  systems  conduct  this  inventory 
one  of  two  ways:  either  with  or  without 
agent  software. 

Agents  allow  for  deeper  host  inspection, 
enforcement  and  the  ability  to  perform 
arbitrary  tasks  on  targets.  Advanced  client- 


Got  great  ideas 


■  network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  Contact 
Amy  Schurr,  senior  managing  editor, 
features  (aschurr@nww.com)  with 
suggestions. 


side  agents  allow  for  communication  with 
a  host  server.  A  primary  reason  and  under¬ 
lying  benefit  of  agent  technology  is 
increased  performance  and  scalability. 
They  accelerate  the  performance  of  a 
large-scale  deployment,  and  one  en¬ 
hanced  server  can  service  tens  of  thou¬ 
sands  of  Web-based  client  agents.  By  using 
agents,  a  patch  management  system  can 
work  across  firewalls  and  operate  on  any 
computer  that  has  a  TCP/IP  connection  to 
an  enterprise  network. 

At  the  other  end  of  the  spectrum  is  the 
agentless  option  —  technology  that 
requires  manually  downloading  patches 
to  a  host  server  and  then  pushing  them 
out  to  target  servers  and/or  desktops  via 
remote  process  control.  In  the  past,  those 
wanting  a  lighter  software  thumbprint 
and  rapid  patch  management  deploy¬ 
ment  preferred  this  methodology.  How¬ 
ever,  significant  strides  in  reducing  the 
agent  size  and  improvements  in  agent- 
based  management  and  agility  have 
addressed  this  concern. 

Effective  patch  management  solutions  let 
a  central  administrator  or  group  of  admin¬ 
istrators  automate  the  discovery  of  soft¬ 
ware  vulnerabilities  and  subsequent  distri¬ 
bution  of  security  patches  throughout  a 
heterogeneous  enterprise  network.  Both 
agent  and  agentless  systems  search  for  and 
identify  vulnerabilities. The  inspection  pro¬ 
cess  can  range  from  registry  evaluations  to 
more  accurate  inventories  of  Dynamic 
Link  Libraries  and  other  system  files. 

Once  a  vulnerability  has  been  identified, 
a  patch  management  system  lets  adminis¬ 
trators  select  the  corresponding  patch  from 
a  list  of  known  patches  (or  pull  it  directly 
from  the  vendor  if  the  product  doesn’t  per¬ 
form  local  patch  caching)  and  propagate 


that  patch  to  vulnerable  machines. 

More-sophisticated  patch  management 
systems  are  equipped  with  features  that 
make  the  patch-deployment  process 
more  intuitive,  secure  and  efficient.  For 
example,  certain  systems  let  administra¬ 
tors  create  groups  of  computers  within  a 
network  to  expedite  the  patching 
process.  Other  important  features  in 
enterprise  patch  management  systems 
are  the  ability  to  remediate  against 
mandatory  baselines;  the  creation  of  role- 
based  administration  control  to  enable 
specific  functional  access  by  various 
users;  and  the  ability  to  aggregate  enter¬ 
prise-reporting  data  from  multiple  patch 


management  servers. 

Additional  features,  including  patch  roll¬ 
back,  ongoing  audit  and  compliance  con¬ 
trols,  inventory  reporting,  and  the  ability  to 
create  custom  patches  for  home-grown 
applications,  let  some  automated  patch- 
management  systems  deliver  a  compre¬ 
hensive  solution  to  meet  the  vulnerability 
detection  and  remediation  needs  of  firms. 

Automated  patch-management  systems 
help  support  a  company’s  patch  manage¬ 
ment  best  practices. 

Andrew  is  vice  president  of  product  man¬ 
agement  for  PatchLink.  He  can  be  reached  at 
chrisa@patchlink.  com. 


Ask 


Dr.  Internet  By  Steve  Blass 

We  have  a  multicast  server  Web  application  that 
connects  groups  of  desktop  users  to  a  support 
forum,  similar  to  an  instant-messaging  service. 
Workstations  that  have  upgraded  to  XP  Service 
Pack  2  cannot  connect  to  this  service.  We  believe 
the  new  firewall  is  blocking  the  connection  but 
aren't  sure  how  to  adjust  the  settings  for  a  multi¬ 
cast  connection.  Can  the  XP  SP2  firewall  be 
opened  to  allow  multicast  connections? 


The  XP  SP2  firewall  can  be  configured  to  permit 
connections  to  and  from  a  multicast  service.  To 
change  the  firewall  settings,  open  the  Network 
Connections  applet  in  the  control  panel,  right-click 
on  the  Local  Area  Connection  icon  and  choose 
Properties.  Click  on  the  Advanced  tab  in  the  Prop¬ 
erties  dialog  and  click  on  the  Settings  button.  This 
opens  the  Windows  Firewall  dialog.  To  change  the 
firewall  configuration,  uncheck  the  Don't  Allow 
Exceptions  check  box,  click  on  the  Exceptions  tab 


in  the  Windows  Firewall  dialog  and  click  the  Add 
Program  button,  Choose  your  multicast  client  pro¬ 
gram  from  the  list  of  programs,  or  browse  for  it 
using  the  Browse  button.  Once  the  program  has 
been  added  to  the  Exceptions  list,  you  should  be 
able  to  connect  to  your  multicast  server. 

Blass,  a  network  architect  at  Change@Work  in 
Houston,  can  be  reached  at  dr.internet@changeat 
work.com. 
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Branding  XP’s  logon 


This  week  we  start  with  a  question:  Are 
we  missing  something,  or  is  Windows 
XP’s  implementation  of  TCP/IP  as 
pathetic  as  we  suspect  it  is? 

We  ask  this  after  setting  out  to  test  an 
interesting  device  called  the  Sentinel 
Model  1000  from  Highwall  Technologies  (it 
monitors  for  rogue  wireless  activity). 

We  were  trying  to  set  up  a  dual  homed 
Windows  XP  machine.  (In  other  words,  we 
wanted  to  give  it  two  IP  addresses  on  one 
interface).  It  turns  out  you  can  indeed  do 
this  as  long  as  both  addresses  are  static. 
This  means  that  using  DHCP  to  get  an  IP 
address  on  one  connection  and  using  a 
static  IP  address  on  the  other  connection  is 
a  no  go. 

Our  question  is,  Why  would  you  ever 
build  in  such  a  limitation?  It  makes  no 
sense, and  we  can’t  find  anything  on  Micro¬ 
soft’s  Web  site  or  anywhere  else  that  ex¬ 
plains  why  this  limitation  exists. 

As  we  researched  this  issue  we  found  an 
interesting  tool  that  addresses  the  problem 


of  switching  network  configurations:  Net 
Profiles, written  by  Daniel  Milner  (details  at 
www.nwfusion.com,  DocFinder:  4230). This 
utility  lets  you  create  —  you  guessed  it  — 
profiles  for  your  network  configuration. 

You  can  specify  a  profile  name  and 
whether  the  IP  address  and  all  the  other 
details  —  such  as  DNS  servers, WINS  server 
and  default  gateway  —  are  to  be  provided 
by  DHCP  or  through  a  static  allocation  .You 
also  can  specify  which  network  shares  are 
mapped  to  which  drives  by  the  profile  and 
the  default  printer. 

If  you  have  multiple  adapters  you  can  set 
up  profiles  for  each  and  when  you  click  on 
Apply  Profile,  voila!  Your  wish  is  Windows’ 
command.  This  is  useful  when  you  are 
struggling  to  reconfigure  devices  that  are, 
by  default,  on  a  static  address  in  a  different 
private  address  space  than  the  one  you  are 
using  . . .  which  seems  to  be  pretty  much 
always  the  case. 

Net  Profiles  is  “donateware” —  that  is,  it  is 
freeware  with  a  plea  for  a  contribution.The 
tool  does  what  it  says  and  seems  pretty 
robust.  Send  Daniel  a  nice  donation 
please.  He’s  earned  it. 

Anyway  our  next  topic  is  about  setting 
your  corporate  branding  on  your  XP  sys¬ 
tems  —  important  in  getting  that  corpo¬ 
rate  “we  own  you  and  everything  around 


you”  look  and  feel.  While  many  of  you 
may  have  extensive  XP  experience,  you 
might  not  know  that  you  can  customize 
the  look  of  the  XP  logon  screen.  We,  like 
the  Internal  Revenue  Service,  are  here  to 
help  you. 

Microsoft,  in  its  usual  style,  hasn’t  made  it 
too  easy  to  change  the  logon  screen  (its 
branding  is,  of  course,  far  more  important 
than  yours)  or  even  provided  much  infor¬ 
mation  on  what  goes  on  with  the  logon 
process. 

Luckily  many  creative  people  with  dog¬ 
ged  determination  have  explored  what 
goes  on  under  the  hood  and  have  pro¬ 
duced  some  cool  tools. 

At  the  heart  of  the  logon  process  is  a  pro¬ 
gram:  logonui.exe.  To  change  how  your 
logon  looks  you  have  to  modify  the 
resources  in  this  program. 

You  could  use  a  tool  like  ResHacker  from 
Angus  Johnson  (see  freeware  at  Doc- 
Finder:  4231)  and  change  the  various 
graphic  and  text  components  one  by  one, 
but  there  is  an  easier  way:  Use  Chamel- 
eonXP  from  Optic  Foundries. 

Go  to  DocFinder:  4232  to  get  to  Optic’s 
site,  but  be  warned:  This  URL  for  this  site 
seems  to  exceed  its  Geocities  quota  with 
monotonous  regularity  so  you  might  have 
to  wait  until  the  site  gets  its  quota  reset  after 


a  lot  of  activity 

ChameleonXP  provides  a  framework  that 
coordinates  the  editing  of  all  the  logon 
interface  resources, as  well  as  installing  the 
changes  in  the  logonui  file,  allowing  selec¬ 
tion  and  installation  of  predefined  configu¬ 
rations,  and  exporting  either  the  modified 
logonui  file  or  what  Optic  calls  a  “Skin- 
Pack”  file.  This  file  is  an  archive  that  con¬ 
tains  all  the  resources  for  a  given  configu¬ 
ration  that  another  ChameleonXP  user  can 
import  and  install. 

Modifying  the  logonui.exe  file  is  reason¬ 
ably  safe.  So  far  we  have  yet  to  destroy  our 
system,  but  be  careful,  corrupted  graphics 
in  the  logonui.exe  can  apparently  cause 
severe  problems  —  not  insurmountable 
ones,  but  ones  that  require  rebooting  into 
safe  mode  and  replacing  the  logonui.exe 
file  with  its  original  version. 

For  your  PC-using  pleasure,  we  at  the 
Gearhead  Labs  have  constructed  a 
Gearhead-themed  logon  screen  that  you 
might  care  to  use  on  your  PC  or  treat  as  a 
template  for  your  own  logon  configuration. 

You  can  find  links  to  the  ChameleonXP 
program  download  site  and  the  Gearhead. 
SkinPack  file  at  DocFinder:  4233. 

Tell  us  at  gearhead@gibbs.com  how  we 
look  on  your  desktop. 


Cool 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Transfer  video  to  DVD  without  a  computer 

Sony  last  week  launched  its  DVDirect  device  (Model 
VRD-VC10),  which  lets  users  transfer  video  from  a  cam¬ 
corder  or  a  videotape 
from  a  VCR  and  burn  it 
onto  a  DVD  without  con¬ 
necting  to  a  PC.  The 
DVDirect  device  will  ship 
in  November  for  about 
$300,  Sony  says. 

The  system  can  burn  up 
to  12  hours  of  MPEG-2 
video  onto  a  compatible, 
double-layer  DVD+R  DL 
disc,  or  up  to  six  hours 
onto  a  standard,  single¬ 
layer  DVD+R  or  DVD+RW 
disc,  Sony  says.  The  sys¬ 
tem  can  connect  to  a  PC 
via  a  USB  2.0  connection 
if  users  want  to  do  addi¬ 
tional  DVD  authoring,  through 
bundled  software;  or  to  create  ^8 
data,  music,  CDs  or  other  video  DVDs. 


Sony's  DVDireGt  can  transfer  video  onto  a  DVD 
disk  without  connecting  to  a  PC. 


But  if  users  just  want  to  transfer  video¬ 
tapes  or  camcorder  recordings  to  discs 
without  having  to  use  a  separate  cap¬ 
ture  card  or  computer,  they  can  with  the 
DVDirect  unit. 

The  device  connects  to  a  video  source 
through  composite  cables  or  an  S-video 
cable.  More  information  is  available  at 
www.nwfusion.com,  DocFinder:  4228. 

Qosmio  notebooks  get  new  Media  Center  software 

Toshiba’s  Digital  Products  Division  last  week  launched 
new  models  in  its  Qosmio  line  of  multimedia  notebooks, 
which  now  includes  the  Microsoft  Windows  XP  Media 
Center  Edition  2005  (also  launched  last  week).  The 
Qosmio  G15-AV501  (about  $3,000)  and  FI  5- 
AV201  (about  $2,600)  combine 
consumer  electronics  features 
such  as  DVD  player,  personal 
video  recorder, TV  tuner, stereo 
and  computer  into  one  device. 
The  AV501  includes  a  17-inch 
widescreen  display,  and  the 
AV201  includes  a  15.4-inch 
widescreen  display 
The  notebooks  have  in¬ 
creased  hard  disk  space  (up  to 
100G  bytes  through  a  60G-  and 
40G-byte  drive)  and  integrated 
Harman/Kardon  speakers  that 
include  SRS  Wow  and  TruSur- 
round  XT  technology  Toshiba 
says. The  systems  also  can  play 
DVDs  or  CDs,  or  display  televi¬ 
sion  programming  without  a 
user  having  to  boot  up  the 
notebook. 

On  the  computing  side,  the 


Toshiba’s  Qosmio  multimedia  notebooks  now  have 
up  to  100G  bytes  of  hard  disk  space. 

notebooks  include  a  1.8-GHz  Pentium  M 
Processor  745,  512M  bytes  of  RAM,  an 
NVIDIA  GeForce  FX  Go  5700  graph¬ 
ics  card  with  128M  bytes  of  memory 
and  integrated  802.1  lg  wireless  LAN 
connectivity  Other  features  include  four 
USB  2.0  ports,  i.Link  (IEEE  1394)  port,  10/100M 
bit/sec  Ethernet  and  a  V92  modem  interface.  A  Bridge 
Media  Adapter  can  read  memory  cards,  including  Secure 
Digital,  Memory  Stick  (and  Pro),MultiMedia  Card  and  xD- 
Picture  cards. 

Sharp  launches  new  ultraportable 

Sharp  Systems  last  week  launched  the  newest  version  of 
its  Actius  notebook  computer  line, the  MP30.The  successor 
to  the  company’s  MM20  notebook,  the  MP30  adds  multi- 
media  features  while  keeping  the  thin  and  light  form. The 
notebook  costs  about  $1,900  and  is  available  through 
Sharp’s  Web  site  (DocFinder:  4227). 

The  notebook  uses  the  Transmetta  Efficeon  TM800  (1.6- 
GHz)  processor,  weighs  2.8  pounds,  and  has  a  1-inch-thick 
profile.  It  includes  a  32M-byte  graphics  card  (the  ATI 
Mobility  Radeon  7500),  and  has  a  built-in  CD-RW/DVD 
combination  drive.  The  MP30  includes  802.1  lg  wireless 
LAN  connectivity,  a  40G-byte  hard  drive,  a  10.4-inch  LCD 
(supports  l,024-by-768-pixel  XGA  resolution),  and  offers 
about  4.6  hours  of  battery  life. 

The  notebook  also  can  be  attached  to  a  desktop  com¬ 
puter  and  act  like  an  external  hard  drive  through  Sharp’s 
DirectHD  technology.  This  can  make  switching  files 
between  the  notebook  and  another  computer  as  easy  as 
dragging  and  dropping  files  between  the  MP30  and  an¬ 
other  system. 

Shaw  can  be  reached  at  kshaw@nww.com. 


They  multifunction,  multitask  and  multi-simplify. 


HP  multifunctional  products  can  make  you  more  productive— our  free  MFP  strategy  guide  shows  you  how.  Each  of  these  workhorses  can  do  the  job  of  three 
machines— printer,  copier,  scanner— in  one.  Some  fax  too.  Using  HP's  Digital  Sending  Software  (optional  on  the  HP  LaserJet  9055mfp  and  HP  LaserJet 
9065mfp),  you  can  scan  and  send  directly  to  e-mail  or  network  folders,  depending  on  the  model.  Choose  from  a  wide  range  of  devices  to  find  the  one 
that  fits  your  organization,  whether  you're  a  small  office  or  large  department.  By  actively  managing  your  overall  fleet,  you  could  save  up  to  30%  on  overall 
operating  costs  as  well  as  save  time  on  maintenance  and  supplies  management.  With  our  MFPs,  you  get  more  than  a  printer  or  copier.  And  with  HP  and  our 
authorized  dealers,  you  get  more  than  hardware — you  get  service,  support  and  expert  advice.  How's  that  for  multifunctional? 


HP  LASERJET 

4100mfp/4101mfp 

HP  LASERJET 

9000mfp/9000Lmfp 

HP  LASERJET 
9055mfp/9065mfp 

Fully  integrated  printing  and  copying 
solution  for  small  workgroups 

High-performance,  versatile  printing  and 
copying  for  large  workgroups 

High-volume,  high-performance  copying 
and  printing  for  large  departments 

•  Up  to  25  ppm  print/copy  speed  (black) 

•  Print,  copy,  color  scan,  digital  send  and  fax 
(optional  with  4100) 

•  1,600  sheet  maximum  input  capacity 

•  Up  to  50  ppm/40  ppm  print/copy  speed 
(black) 

•  Print,  copy,  color  scan,  digital  send  and 
optional  faxing 

•  Up  to  11"  x  17"  media  capable,  optional 
finishing  includes  multi-position  stapling  and 
saddle-stitch  booklet  production 

•  Up  to  55  ppm/65  ppm  print/copy  speed 
(black) 

•  Copy,  print,  scan,  standard  duplex  and 
optional  digital  send 

•  Optional  4,000-sheet  input  tray,  three-hole 
punch  and  cover  inserter 

•  Up  to  12"  x  18"  media  capable 

Mail-in  rebates  available  on  these 
two  models.* 

FREE  Digital  Sending  Software 
(HP  DSS  3.0  Workflow) 

Rebates  not  available  in  the  state  of  Connecticut. 


A  free  MFP  strategy  guide 

and  information  on  current 
offers  are  yours  for  the  asking. 

CALL 

800-888-3127 

CLICK 

hp.com/go/mfppromotions 

VISIT 

your  local  HP  reseller 

invent 


•Rebate  offers  good  on  HP  9000mfp/HP  9000lmfp  purchases  made  between  5/1/04  and  10/31/04.  Rebates  are  subject  to  change;  check  the  HP  Web  site  at  www.hp.com/go/hotdeals  for  most  current  rebate  offers  and/or  additional  rebate  offers.  ©2004  Hewlett  Packard  Development  Company,  L.P. 
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Mr.  40%  Less 
Time  Spent  on 
Maintenance  and 
Administration 

PING 


"Instead  of  putting  out  fires,  we  now  focus  on  ways  we  can 
deploy  new  technologies  that  benefit  our  customer  service." 


Dave  Chacon 

Manager,  Technical  Services,  PING 


Make  a  name  for  yourself  with  Windows  Server  System. 

Microsoft  Windows  Server  System  makes  it  easier  for 
golf  club  maker  PING  to  manage  the  infrastructure 
serving  their  400  end  users.  Here's  how:  By  using 
Windows  Server 2003  with  Active  Directory,®  PING 
now  centrally  manages  all  its  servers,  desktops, 
and  end  users  from  one  location.  This  cut  annual 
administrative  time  by  800  hours.  Time  that  can  now 
be  spent  developing  new  ways  to  support  customers, 
partners,  and  employees.  Software  that's  easier  to 
manage  is  software  that  helps  you  do  more  with  less. 
Get  the  full  PING  story  at  microsoft.com/wssystem 


Windows  Server  System™  includes: 


Microsoft* 


Windows 
Server  System 


Server  OS 


Operations  Infrastructure 


Application  Infrastructure 


Windows  Server™ 


Systems  Management  Server 


Operations  Manager 


Internet  Security  &  Acceleration  Server 
Windows’"  Storage  Server 


SQL  Server’" 

BizTalk  ’  Server 
Commerce  Server 
Host  Integration  Server 


Information  Work  Infrastructure  Exchange  Server 

Content  Management  Server 
Office  SharePoint’”  Portal  Server 
Office  Live  Communications  Server 
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ON  TECHNOLOGY 

John  Dix 

Stage  set 
for  VoIP, 
patch  debates 


All  the  parties  that  have  been  called  on  to  participate 
in  two  upcoming  NetworkWorld  Showdowns  are  in, 
including  six  prominent  VoIP  vendors  for  a  Show¬ 
down  at  the  VON  conference  in  Boston  this  week,  and  six 
patch-management  players  for  an  online  debate  Nov.  15. 

The  VON  event  will  be  our  fifth  Showdown  at  the  show 
over  the  years,  as  we’ve  tracked  the  development  of  IP 
PBXs  and  the  rise  of  IP  Centrex  services. 

This  time  around  Avaya,  Cisco,  Lucent,  Mitel,  Nortel  and 
3Com  have  agreed  to  come  prepared  to  discuss  a  mock 
RFI  for  a  company  with  a  New  York  headquarters  with  400 
stations  and  fiveT-1  trunks,  a  branch  office  in  Hoboken, 
N.J.,with  10  stations,  five  analog  lines  and  T-l  access, and  a 
branch  office  in  Bakersfield,  Calif., with  10  stations,  five  ana¬ 
log  lines  and  DSL. 

We’ve  told  the  vendors  the  buyer  is  primarily  interested 
in  the  productivity  gains  it  can  expect  and  how  the  sys¬ 
tem  will  support  emerging  technologies  such  as  Wi-Fi 
phones  and  the  ability  to  take  advantage  of  presence. 
Each  company  will  have  5  minutes  to  walk  us  through  an 
architecture  slide  and  a  benefits  slide,  before  fielding 
questions  from  yours  truly, VON’s  Carl  Ford  and  one  of  the 
competitors. 

That  will  be  followed  by  a  Showdown  staple:  the  vendors 
questioning  each  other  in  round-robin  fashion. 

We’ll  detail  the  outcome  in  a  Network  World  story  and 
post  the  slides  on  wwwnwfusion.com.  Stay  tuned. 

The  other  pending  Showdown  is  a  virtual  debate  on 
patch  management  the  week  of  Nov  15. 

With  patch-management  options  emerging  from  three 
segments  —  pure  play  patch-management  vendors,  server 
and  desktop  management  suppliers,  and  vendors  that  are 
coupling  vulnerability  scanning  with  patch  management 
—  we  thought  it  would  be  good  to  bring  representatives 
from  each  category  together  to  see  if  we  could  ascertain 
which  approach  makes  the  most  sense. 

Accepting  the  challenge  to  participate  are  Altiris,  Big  Fix, 
Citadel,  Configuresoft,  Shavlik  Technologies  and  Symantec. 

We’li  launch  the  online  debate  Nov.  15  with  vendors’ 
answers  to  questions  from  Network  World  Senior  Editor 
John  Fontana,  Senior  Writer  Denise  Dubie  and  guest 
expert  Felicia  Nicastro,a  principal  consultant  with 
International  Network  Services  and  author  of  the  forth¬ 
coming  book  Curing  the  Patch  Management  Headache. 

On  Nov.  16  the  vendors  will  be  given  the  chance  to  ques¬ 
tion  their  competitors,  and  then  on  the  following  day 
vve’i!  open  the  doors  to  everyone,  including  other  vendors 
and  readers. 

1  hope  you  can  join  us  for  these  debates. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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MCI  responds 

Johna  Till  Johnson’s  column  “MCI  isn’t  the  bargain 
would-be  buyers  envision”  (www.nwfusion.com, 
DocFinder:  4222)  reflects  a  lack  of  understanding  of 
MCI’s  global  strengths  and  operations  as  well  as  a 
miscomprehension  of  the  company’s  strategy 
Speculating  based  on  other  news  reports,  the  col¬ 
umn  treats  rumors  about  a  breakup  of  the  company 
as  fact.This  is  despite  the  fact  that  MCI  CEO  Michael 
Capellas  recently  publicly  stated, “We  have  no  plans 
to  break  up  the  company’ 

The  column  goes  on  to  suggest  that  MCl’s  network 
suffers  from  being  the  product  of  a  series  of  mergers. 
MCI  operates  one  of  the  most  technologically  ad¬ 
vanced  and  expansive  communications  networks  in 
the  world.  Our  customers  trust  MCI  to  transport  their 
most  critical  communications  traffic  throughout  the 
world. These  customers  have  chosen  to  remain  with 
us  because  they  recognize  the  quality  of  MCI’s  glob¬ 
al  network,  the  data  and  IP  communications  solu¬ 
tions  it  supports,  and  the  experts  who  run  it. 

Over  the  years,  MCI  has  heavily  invested  in  its  glob¬ 
al  IP/data  communications  network.  As  a  result,  dur¬ 
ing  2004  alone  MCI  has  been  the  first  data  commu¬ 
nications  company  to  deploy  an  ultra  long-haul  net¬ 
work;  field-test  40G  bit/sec  over  both  short-  and  long- 
haul  networks;  announce  a  Converged  Packet 
Access  strategy;  and  deploy  the  industry’s  latest 
state-of-the-art  fiber,  Medium  Dispersion  Fiber.  None 
of  these  technological  “firsts”  would  have  been 
achieved  if  MCI’s  networks  were  truly  as  the  column 
says,  an  “unholy  mess.” 

Fred  Briggs 

President,  operations  &  technology 

MCI 

Ashburn,Va. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  118  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


Johnson  replies:  I  respect  your  right  to  differ  with  the 
column,  but  it’s  important  to  distinguish  operational 
excellence  from  cutting-edge  technology.  Despite  the 
investments  MCI  has  made  in  its  network  technolo¬ 
gy,  current  and  departed  MCI  engineers  have  con¬ 
firmed  that  operationally,  the  network  continues  to 
be  complex  and  unwieldy  to  manage  —  an  issue 
that  potential  acquirers  would  do  well  to  recognize. 

Baggage  check 

I  take  issue  with  some  of  the  statements  about 
Microsoft’s  file  system  technology  in  Kevin  Tolly’s 
column  “Microsoft:  Sitting  duck  —  with  baggage” 
(DocFinder:  4223).  For  starters,  Windows  NT  File 
System  (NTFS)  is  not  an  “ancient”  file  system  with 
“baggage”;  NTFS  is  light  years  ahead  of  anything  else 
currently  offered.  NITS  gives  Windows  NT  a  true 
journaling  file  system,  all  the  way  back  to  the  origi¬ 
nal  version  of  NT  in  the  1990s.  Linux  only  recently 
got  this  ability  when  the  third  extended  file  system 
(EXT3)  came  out.  Prior  to  that,  Linux  users  had  to 
use  the  Reiser  file  system  or  an  IBM  file  system.  NTT’S 
supports  multiple  file  streams  within  a  file,ACL-level 
security  encryption  and  a  plethora  of  other  features 
that  are  missing  in  many  other  file  systems. Windows 
Future  Storage  (WinFS)  is  the  next  generation  in  file 
system  technology  —  something  Linux  and  the 
Unix  world  have  not  begun  to  really  think  about. 

I  especially  take  issue  with  Tolly’s  statement  that 
WinFS  would  bring  Microsoft  “into  the  20th  century’ 
If  this  is  the  case,  please  show  me  the  other  vendors 
or  options  that  are  so  superior  to  NTFS.  Most  Linux 
file  systems  are  still  playing  catch-up  with  NTFS. 

Christopher  Rose 
Kansas  City  Mo. 

Tolly  replies:  I  did  not  compare  NTFS  with  Linux. 
Rather,  I  compared  Microsoft’s  challenges  now  to 
those  with  which  IBM  had  to  contend  in  the  main¬ 
frame  world  of  the  1980s  and  early  1990s. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  4221 
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PACKET  EVANGELIST 

Steven  Taylor 

Is  there  any  innovation  in  the  network  mar¬ 
ketplace  anymore?  There’s  a  thundering 
silence  as  compared  with  a  few  short 
years  ago,  when  every  time  you  turned  around 
there  was  a  new  protocol,  a  new  product  ad¬ 
dressing  unmet  business  needs,  and  a  new 
forum  to  promote  these  new  products. 

Today,  only  three  areas  —  VoIP  security  and  wireless  —  constantly 
generate  news,  and  the  rate  of  change  in  these  areas  has  slowed  over 
the  past  few  years.  Instead,  we’re  seeing  more  emphasis  on  streamlining 
and  economizing  existing  processes  rather  than  inventing  new  ones. 
Have  networks  evolved  to  the  point  that  there’s  nothing  new  to  be 
done,  so  all  that’s  left  is  to  deliver  services  at  the  lowest  possible  cost? 

Innovation  is  alive  and  well,  but  it  also  depends  on  how  you  define 
innovation.  Innovation  goes  far  beyond  invention;  it  includes  taking 
existing  technologies,  concepts  and  products,  and  combining  them  in 
a  unique  fashion.  For  example,  Net  6  is  certainly  innovative  in  taking 
now-standard  SSL  technology  and  expanding  it  from  browser-based 
interfaces  to  encompass  VoIP  over  SSL. 

Similarly  innovation  can  be  used  to  solve  a  problem  that  innovation 
causes.Take  wireless  LANs  (WLAN). The  innovative  802.1 1  products 
from  a  few  years  ago  work  great  as  long  as  the  footprints  don’t  overlap. 
But  they  work  so  great  that  they  also  cause  a  problem  —  how  to  provide 
complete  coverage  over  an  entire  campus  while  controlling  access, pro¬ 
viding  roaming  capabilities  and  avoiding  interference. To  solve  this 
problem,  companies  such  as  Airespace,AirFlow,  Aruba  and  Trapeze 
came  out  with  innovative  approaches  to  fully  meshing  WLAN  coverage. 


Is  network  innovation  dead? 


One  could  even  argue  that  this  re-purposed  innovation  is  superior  in 
many  ways  to  invention.  Invention  generally  takes  a  wholesale  swap- 
out  and  generates  technology  wars.We  don’t  need  to  return  to  the  early 
1990s  with  transport  protocol  battles  between  frame  relay  ATM  and 
Switched  Multimegabit  Data  Service.  It’s  preferable  in  today’s  economy 
for  companies  to  have  better  ways  to  do  core  processes  using  an  exist¬ 
ing  or  almost-existing  infrastructure. 

Economics  and  innovation  must  work  hand-in-hand.  While  innova¬ 
tion  is  usually  viewed  as  good.it  will  only  be  meaningful  today  if  it  also 
has  a  strong  business  case  to  support  it.  Having  a  good  business  case 
can  even  change  “bad”  innovation  to  “good"  innovation. 

Skype  is  a  case  in  point.  To  many  IT  administrators,  the  fact  that 
Skype’s  founders  also  invented  KaZaa  overshadowed  any  possible 
benefits  that  peer-to-peer  communications  could  have  in  the  business 
environment.  However, Skype’s  excellent  voice  quality  and  ease  of  use 
started  softening  this  attitude. The  introduction  of  gateway  services  to 
the  public  switched  telephone  network,  providing  international  calls 
to  many  locations  for  about  2  cents  per  minute,  might  make  this  inno¬ 
vative  technology  even  more  acceptable. 

The  bottom  line,  then,  is  that  innovation  is  alive  and  well,  albeit  in 
some  less-radical  forms  than  in  years  past.  But  for  this  innovation  to  be 
taken  seriously  in  today’s  environment,  there’s  an  even  stronger  imper¬ 
ative  that  the  innovation  also  have  a  strong  business  value. 


We're  seeing 
more  emphasis 
on  streamlining 
and  economizing 
existing  proc¬ 
esses  rather 
than  inventing 
new  ones. 


Taylor  is  president  of  Distributed  Networking  Associates  and  editor/ 
publisher  of  Webtorials.com.  He  can  be  reached  at  taylor@webtor 
ials.com. 


REALITY  CHECK 

Thomas  Nolle 

As  one  network  salesperson  once  said  to 
me, “The  trouble  with  the  Fortune  2000  is 
that  there  are  only  2,000  of  them.”  While 
the  enterprise  market  has  been  the  mainstay 
of  private  network  equipment  sales,  it’s  a  mar¬ 
ket  that’s  not  getting  any  bigger.  It’s  not  sur¬ 
prising  that  vendors  eager  to  add  earnings 
and  profits  are  looking  more  at  the  “small  business” —  whatever  that  is. 

Cisco  recently  introduced  Catalyst  products  targeted  at  small  busi¬ 
ness,  and  its  press  material  uses  the  same  definition  of  a  small  business 
as  the  Small  Business  Administration  —  one  with  less  than  500  employ¬ 
ees.  My  projection  from  U.S.  Census  data  is  that  there  are  about  5.7  mil¬ 
lion  companies  in  the  U.S. Of  these,  more  than  99%  are  small  businesses 
by  the  SBA  definition.That’s  certainly  a  big  quantitative  market, one  that 
justifies  vendor  interest.  On  looking  deeper,  though, you  might  find  that 
there’s  less  to  small  business  than  meets  the  eye. 

How  big  does  a  company  have  to  be  to  need  a  LAN  or  WAN?  My  re¬ 
search  shows  that  businesses  with  100  or  more  employees  on-site  have 
an  almost  100%  chance  of  running  a  LAN.  If  you  look  at  businesses  with 
between  20  and  100  employees,  the  odds  go  down  to  about  60%. 
Businesses  with  less  than  20  employees  have  about  a  one-third  chance 
of  needing  a  LAN.  On  the  WAN  side,  only  about  16%  of  small  businesses 
at  the  100-  to  500-employee  level  need  multi-site  networking,  and  this 
number  drops  to  less  than  10%  in  the  20-  to  100-employee  range,  and 
to  near  zero  below  that.  This  is  interesting  because  there  are  only 
about  86,000  firms  in  that  sweet  100-  to  500-employee  slot.  There  are 
more  than  500,000  in  the  20-  to  100-employee  range  and  5  million  in 
the  1-  to  20-employee  range.  My  research  model  shows  that  there  are 
about  2  million  LAN  prospects  and  about  82,000  WAN  prospects.That’s 
a  lot  fewer  than  5  million  businesses. 

Then  there’s  the  “empowered  employee”  issue.  LANs  are  used  by  work¬ 
ers  who  spend  most  of  their  time  at  their  desks,  which  turns  out  to  be 
only  about  39%  of  small-business  workers.  This  means  that  a  top-tier, 


In  search  of  the  small  business 


100-  to  500-employee  company  would  need  about  75  LAN  ports.The  20- 
to  100-employee  group  would  have  an  average  of  25  LAN  ports,  and  the 
low  tier  would  have  only  five.  The  number  of  LAN  ports  needed  by  all 
groups  is  an  impressive  24  million,  but  42  million  of  this  population  is 
in  firms  that  would  never  need  more  than  40  ports.  More  than  24  mil¬ 
lion  would  need  fewer  than  10  ports.  How  about  the  WAN  stuff?  Of  the 
82,000  more-than-lnternet  WAN  users,  nearly  70,000  are  only  VPN-over- 
the-Internet  prospects.  The  remainder  needs  an  access  router  with  an 
average  2.3M  bit/sec  access  capacity  (about  aT-1  and  a  half). 

Not  only  are  the  capacity  demands  of  small  business  small,  but  their 
feature  needs  are  also  small.  Only  4.4%  of  the  total  small-business  pop¬ 
ulation  have  skilled  technical  people  on  staff.  It’s  very  doubtful  that  any 
company  in  the  lower  two  tiers  would  ever  need  network  manage¬ 
ment;  their  LAN  products  could  be  over-the-counter  stuff  that  costs 
about  $350  for  24  ports.  Well  over  half  the  small-business  population 
would  need  only  one  such  switch,  and  even  the  largest  of  the  small 
business  groupings  would  need  an  average  of  only  three.  In  the  WAN, 
the  average  retail  price  of  a  single  access  router,  even  for  the  largest  of 
the  small  businesses,  is  also  about  $350. 

This  isn’t  just  an  exercise  in  statistics;  it’s  an  exercise  in  market  direc- 
tion.The  “small-business  market  of  the  future”  is  not  just  a  scaled-down 
version  of  the  enterprise  market.  It’s  uninterested  in  technical  features, 
not  suitable  for  direct  sales  tactics  and  as  price  sensitive  as  the  dickens. 
If  this  truly  is  the  way  of  the  future,  then  the  vendors  are  going  to 
become  more  like  3Com,  D-Link  or  Linksys  than  Cisco. 

Do  the  new  features  of  network  products  actually  add  value,  or  just 
add  cost?  Is  it  time  to  buy  network  gear  as  many  already  buy  PCs  — 
from  discount  retailers?  Small  businesses  might  be  leading  the  market 
in  a  totally  new  direction. 


The  “small-busi¬ 
ness  market  of 
the  future"  is  not 
just  a  scaled- 
down  version  of 
the  enterprise 
market 


Nolle  is  president  of  CIMl  Corp.,  a  technology  assessment  firm  in 
Voorhees,  N.J.  He  can  be  reached  at  (856)  753-0004  or  tnolle@cimi 
corp.com. 
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Hat-rate  plans  skim  the  fat  off  wireless  spending, 

■  BY  LAURIANNE  MCLAUGHLIN 

Are  your  company’s  wireless  expenses  starting  to  look  as  large  as  Martha 
Stewart’s  legal  bills?  You  may  consider  an  option  for  slimming  down  wireless 
costs  that  remains  little  known  or  understood  by  many  corporations:  cus¬ 
tomized  flat-rate  plans. 


TechCaliber.  “If  you’re  big  enough  (say  more  than  5,000 
handsets)  you  can  negotiate  the  access  fee  to  zero,”  he  says. 

Beware  of  some  common  traps  regarding  flat-rate  plans. 
First,  don’t  focus  too  much  on  per-minute  cost,  Fox  advises. 
Focus  on  the  whole  usage  pattern  picture  for  your  com¬ 
pany  For  example,  free  night  and  weekend  minutes  and 
mobile-to-mobile  minutes  can  significantly  increase  a 
deal’s  value.  And  it’s  easier  to  negotiate  these  items  than  per- 
minute  discounts,  Fox  says. 

“A  9  cent  rate  across  the  board  might  sound  good,  but  if 
it  doesn’t  take  advantage  of  in-network  and  off-peak  call¬ 
ing,  it  might  not  be  right,”  says  IDC’s  Keith  Waryas,  research 
manager  for  wireless  business  network  services.  If  your 
company  makes  15%  to  20%  of  wireless  calls  between 
employees,  you  could  save  a  lot  simply  by  consolidating  to 
one  carrier  with  free  in-network  calling,  he  notes. 

Night  and  weekend  minutes  won’t  count  toward  the 
monthly  minimum  amount  that  carriers  typically  require. 

On  the  other  hand,  most  companies  today 
exceed  their  allotted  number  of  minutes,  as 
opposed  to  “wasting”  unused  minutes,  Waryas 
says. 

Another  pitfall:  Rat-rate  plans  don’t  neces¬ 
sarily  include  roaming.“When  it’s  69  cents  a 

See  Wireless,  page  42 
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Instead  of  buying  buckets  of  minutes  for  each  employee  or  a  pooled  bucket  of  min¬ 


utes  for  employees  to  share,  customized  flat-rate  plans  let  you  pay  as  you  go,  at  a  set 
rate  per  minute,  with  no  overage  penalties.You  negotiate  the  per-minute  rate  with  any 
of  the  major  national  wireless  carriers  based  on  number  of  phones  and  a  minimum 
number  of  minutes  or  dollars  spent  per  user,  per  month. 


“It’s  sort  of  a  hidden  marketplace,” says  Michael  Voellinger, 
director  of  wireless  service  for  Telwares,  a  consulting  firm 
that  helps  customers  make  such  deals.  “Unless  you  ask, 
you’ll  never  know  it’s  there.” 

When  companies  allow  employees  to  choose  their  own 
wireless  phone  and  plans,  the  results  are  messy  Telecom 
managers  end  up  with  complicated  brews  of  various 
plans,  then  struggle  to  maximize  efficiency  track  costs,  and 
budget  for  the  future.  Yet  according  to  The  Yankee  Group, 
48%  of  U.S.  corporations  let  employees  do  the  picking. 

At  the  same  time,  wireless  spending  continues  to  devour 
a  larger  chunk  of  enterprise  telecom  budgets.  For  U.S.  firms 
with  500  or  more  employees,  the  average  total  amount 
spent  on  wireless  services  will  spike  from  $3.6  million  to 
$4.7  million,  a  31%  increase  from  last  year,  according  to 
Yankee’s  2004  Corporate  Wireless  Survey  Most  of  these 
costs  are  wireless  voice  services,  not  wireless  data  services. 

A  desire  to  better  manage  those  escalating  costs  drove 
Rock-Tenn,a  packaging  firm  in  Norcross,  Georgia, to  exam¬ 
ine  flat-rate  options.  Rock-Tenn,  which  among  its  90  loca¬ 
tions  has  about  425  AT&T  Wireless  users  and  250  with 
Nextel,  recently  negotiated  a  flat-rate  contract  with  AT&T 
Wireless  with  the  help  of  Telwares  consultants.  A  Nextel 
deal  is  in  progress. 

It’s  a  cost  issue  and  a  simplicity  issue,” says  Bob  Zumwalt, 
Roek-Tenn’s  director  of  technology  “You  pay  for  what  you 
use  and  only  what  you  use.  It’s  easy  to  comprehend,  to 
audit,  to  present  to  business  units,  and  it’s  much  easier  to 

plan  for” 

Flat -rate  plans  usually  involve  a  monthly  access  fee  of  $10 
or  less  per  user  combined  with  a  flat  per-minute  rate. 

Y  &'f's  pricing  starts  at  $13  per  month  and  12  to  15  cents 
minute,  before  negotiations.  Discounts  depend  on 
t  phones  and  total  expenditure,  while  carriers 
minimum  number  of  minutes  or  dollars  spent  per 

can’t  specify  his  per-minute  rate  because  of  a 


contract  stipulation.  But  based  on  the  two  billing  cycles 
since  the  changeover,  he  says  he  expects  to  reap  30%  to 
40%  savings  overall,  which  represents  between  $207,000 
to  $276,000.  In  a  typical  year,  his  company  pays  AT&T 
Wireless  for  almost  4  million  wireless  voice  minutes, 
with  the  typical  user  consuming  800  minutes  per 
month.  “Previously,  we  had  buckets  of  minutes,  and  we 
were  constantly  in  the  plan  optimization  game,”  he  says. 

But  don’t  expect  customized  flat-rate  discounts  to 
apply  to  wireless  data  services.  All-you-can-eat  monthly 
data  plans  in  the  $70  to  $80  range,  from  carriers  such  as 
Verizon  and  Cingular,  will  continue  to  be  the  most  typi¬ 
cal  option  for  enterprise  clients  for  the  fore¬ 
seeable  future. 

Finessing  a  fiat-rate  plan 

To  varying  degrees,  all  the  major 
national  wireless  carriers  will  offer 
flat-rate  wireless  voice  to  enterprise 
customers,  says  Telwares’  Voellinger. 

And  more  of  his  clients  are  pursuing  flat-rate, 
he  says,  even  though  the  carriers  still  push  traditional 
pooling  plans. 

“The  bottom  line  is  the  rate  plans  that  have  been  out 
there  are  really  complex,”  he  says.  “What’s  driving  this 
move  to  flat-rate  is  customers  saying  ‘I  need  something 
that’s  less  complex.’” 

Along  with  simplifying  wireless  cost  structure,  flat- 
rate  plans  also  slim  down  spending.  “Where  flat-rate 
pricing  has  been  implemented,  we  have  seen  solid, 
inclusive  cost-per-minute  numbers  running  less 
than  8  cents, "Voellinger  says. 

While  every  deal  is  different,  enterprise  customers 
typically  can  save  20%  to  30%  when  renegotiating  rates 
and  moving  from  a  mix  of  standard  pooling  plans  to 
customized  flat-rate  plans,  says  Ben  Fox,  who  negotiates 
deals  for  customers  at  telecom  consulting  firm 


Wireless  gobbles  up 
telecom  budgets 


With  enterprise  wireless  usage  on 
the  rise,  wireless  voice  and  data 
services  are  estimated  to  account 
for  a  bigger  chunk  of  the  overall 
telecom  budget. 


Average  total  telecom  spending 


Average  wireless  spending 


2003 


$10.4M 


$3.6M 


2004  (anticipated) 


$11.3M 


$4.7M 


SOURCE: THE  YANKEE  GROUP 
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Auto  Tracking  Feature 
in  all  models 

High  speed  economical 
transmission  up  to  1.25Gbps 

Provides  High-quality,  reliable 
wireless  communications 
up  to  2km  with  Auto  Tracking 

Requires  no  radio  frequency 
allocations,  permits  or  licenses 

Highly  secure  data  links 

Protocol  independent,  like 
fiber  optic  cable 

Installation  and  operating  cost 
are  much  lower  than  installing 
fiber  optic  cable 


Provides  high-quality,  reliable 
wireless  communications  from 


Economical  FSO  for  data 
transmission  from  20m  to  500m 


State-of-art  data  transmission  at 
1.25Gbps  for  Gigabit  Ethernet  network 
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CANOBEAM  COMBINES  HIGH-TECH  WITH  LOW  PRICES 


canobeAm 

DT-100  Series 


mm-f 


•  Wide  range  of  data  speeds  from 
25Mbps  to  156Mbps 

•  Auto  Tracking  Feature 

•  DT-MNG100,  Management  Board 
built-in 


100m  to  2  km 

•  Wide  range  of  data  speeds  from 
25Mbps  to  156Mbps 

•  Auto  Tracking  Feature 

•  DT-MNG100;  Management  Board 
built-in 


•  Transmission  distance  from  100m 
to  1000m 

•  3R  Function  (Re-shaping,  Re-timing, 
Re-generating) 

•  Auto  Tracking  Feature 

•  DT-MNG100,  Management  Board  built-in 


Find  out  more  at  canobeam.com 

1-800-321-4388  (Canada:  905-795-2012) 
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for  flat-rate  usage.  “Our  costs  were  getting 
too  high,”  Cook  says.  “We  had  policies  in 
place  but  no  way  to  enforce  those.” 

Today,  any  phone  used  for  150  minutes  or 
less  per  month  gets  put  on  the  company’s 
negotiated  flat-rate  plan  from  Verizon 
Wireless.  This  includes  “disaster”  phones 
that  Intermountain  keeps  on  hand  in  case 
land-line  service  goes  down.“Flat  rate  does 
save  a  lot  of  money  but  it  has  to  be  the  right 
fit  for  the  user”  Cook  says. 

Telecom  trends 

While  AT&T  Wireless  has  offered  flat-rate 
pricing  since  2000,  the  carrier  has  not  seen 
an  uptick  in  demand  for  flat-rate  plans 
recently  says  Joe  Lueckenhoff,  a  vice  presi¬ 
dent  at  AT&T  Wireless. 

Looking  ahead,  flat-rate  will  become  an 
option  used  by  more  companies,  but  this 
trend  doesn’t  look  like  it  will  rewrite  the 
wireless  voice  game,  IDC’s  Waryas  says.  Most 
companies  will  use  a  mix  of  plans,  includ¬ 
ing  a  customized  flat-rate  plan  and  tradi¬ 
tional  pooled  plans,  instead  of  putting  all 
employees  on  one  type  of  plan,  he  predicts. 

For  IT  managers  who  do  end  up  examin¬ 
ing  flat-rate  plans,  Zumwalt  has  some 
advice.  Start  with  detailed  research,  includ¬ 
ing  a  solid  baseline  estimate  of  current  ser¬ 
vices  and  costs. 

“Keep  your  RFP  short  and  to  the  point,”  he 
says.  Define  your  expectations,  and  don’t  be 
bashful  about  stating  acceptable  price 
ranges  and  service  levels.  Doing  so  will 
help  you  develop  a  vendor  shortlist,  finalize 
the  vendor,  and  complete  the  contract 
negotiation.  “This  technique  got  high  marks 
from  the  vendors  and  made  everyone’s  job 
easier,  especially  ours,”  he  says. 

McLaughlin  is  a  freelance  writer  in  the 
Boston  area.  She  can  be  reached  at  lauri 
anne@mindspring.  com. 


The  Leading  Edge  in  Networking  Information 


The  latest  Special  Report  from  Miercom  includes  revealing  insight  from 
our  hands-on  testing.  90+  pages  of  primary  research  and  test  results: 


•  Securing  Cisco  CallManager:  Can  it  be  done?  What  is  needed?  How  much? 

•  How  about  securing  Avaya  IP  Telephony? 

•  Hot  vendor  survey  results  on  VoIP  Security 

•  Assessing  your  main  vulnerabilities 


•  Practical  Q&A  on  VoIP  Security 


:  V  v  and  much  more... 

■  */•  . 

.M' Ay.  ,•>  V  VA< •  •  .  -  v 

~  vi  W^more  details  Call  1-800-Miercom  or  go  online  www.miercom.com/security 


'"  V.- 


mi!® 


379  Princeton-Hightstown  Road,  Cranbury,  NJ  08512 
Phone:  609-490-0200  Fax:  609-490-0610  www.miercom.com 


Wireless 

continued  from  page  40 

minute  for  roaming,  it  doesn’t  take  long  to 
wipe  out  savings,”  Fox  says. 

Finally  carriers  prefer  that  flat-rate  plans 
involve  “corporate  liable”  phones  (acquired 


through  a  company  contract,  with  the  com¬ 
pany  having  end  credit  liability)  to  “corpo¬ 
rate-supported”  phones  (bought  by  em¬ 
ployees,  taking  advantage  of  corporate- 
negotiated  discounts.) 

Flat-rate  plans  work  best  for  Fortune  500 
or  1000  firms  with  variable  monthly  costs, 


and  which  are  willing  to  possibly  switch 
carriers,  says  Eugene  Signorini,  program 
manager  for  wireless/mobile  enterprise 
and  commerce  at  The  Yankee  Group. 

“Unless  you  have  a  high  number  of  lines, 
it’s  tough  to  negotiate  on  flat  rates,”  he  says, 
so  mid-sized  companies  will  have  a  tough 


time.  Still,  mid-sized  firms  may  convince 
some  carriers  to  move  on  price,  especially 
T-Mobile,  which  has  been  particularly 
aggressive,  he  says. 

Little-used  phones  may  be  another  area 
where  flat-rate  plans  could  save  your  com¬ 
pany  money,  says  Aaron  Cook,  a  telecom 
analyst  at  Intermountain  Health  Care  of 
Salt  Lake  City,  which  runs  12  hospitals 
throughout  the  state. 

Since  Intermountain  started  using  a  flat- 
rate  plan  about  two  years  ago  with 
MobileSense  software  to  manage  and  track 
its  20,000  employees’  wireless  voice  usage, 
the  company  has  discovered  a  sweet  spot 


Solid  savings 

Rock-Tenn’s  flat-rate  wireless 
contract  shaved  about 

30%.o40% 

off  its  wireless  costs,  which 
equates  to  roughly  $207,000  to 
$276,000. 
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Virus  Outbreaks? 


With  IronPort  Virus  Outbreak  Filters 


Today’s  email  borne  viruses  propagate  globally  in  hours  or  minutes,  much 
faster  than  traditional  defenses  can  react,  leaving  you  exposed  to  the  “reaction 
time  gap?  IronPort’s  Virus  Outbreak  Filters™  stop  viruses  4  to  6  hours  before 
traditional  virus  definition  files  are  available,  literally  predicting  virus  attacks 
before  they  cause  harm.  Available  now  at  www.ironport.com/nw 
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EtherScope 
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Test  Results 


Status 


□  if-  Connection 


Link  1000Mb  full  duplex 


Connection 


®@Cable  Verification 
Zt  Signal  Verification 
□  |j^  Local  Statistics 

Sa  Protocol  Statistics 
£  Top  Talkers 
3J  Device  Discovery 


12  It  to  active  device 
Link  1000Mb  full  duplex 
BW:  <1%,  peak:  4.6%,  avg:  0.3% 
Running... 

Running... 

42  devices 
2  IP,  3  NetBIOS 

2  VLANs 

TAC_C-pod(port  29) 

Monitoring  nearest  switch 
All  devices  responding 

3  detected 


IP:  010.248.001.121 

Mask:  2S5  2SS.2S5.000 

MAC:  FLUKE-C00045 

Service:  8023 


Speed 

Actual:  1000Mb 

Advertised:  1000Mb 


H.  Network  Discovery 
VLAN  Discovery 
23  Nearest  Switch 
'‘  Switch  Scan 
■rf*Key  Devices 
®*  Problem  Detection 


Duplex 

Actual:  Full 

Advertised:  Full  only 


Frames 

Received:  39520 

Sent:  19512 


■ireiniFiiB  lOraimaia 


S  1000Mb 


[j  7:35PM 


Introducing  the  EtherScope™  Network 
Assistant  -  your  eyes  into  the  network 
to  help  you  spot  problems  and  solve 
them  faster  than  ever.  You  don't  have 
time  for  trial  and  error.  Or  methods  that 
only  provide  part  of  the  picture.  That's 
why  Fluke  Networks'  new  EtherScope 
analyzer,  with  its  immediate  discovery  and 
fast  diagnostics,  helps  you  quickly  isolate 
urgent  problems  on  your  gigabit  network 
as  well  as  those  nagging  issues  that  may 
be  keeping  it  from  performing  at  optimum 
level.  Fast.  Accurate.  EtherScope.  So  you'll 
have  more  time  to  get  to  the  several 
dozen  items  on  your  "to  do"  list.  Visit  our 
web  site  and  check  out  the  virtual  demo. 
Then  request  a  test  drive  in  your  office  - 
on  your  network.  Decide  for  yourself 
whether  or  not  EtherScope  Net-work 
Assistant  will  be  your  next  new  hire. 
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Your  network  assistant  is  waiting 

- 

to  show  you  what  it  can  do  to  help 

make  your  job  ea 


and  take  a  tour  of  the  virtual  demo. 
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Network-modeling 

tools 


Opnet's  IT  Guru  is  tops  in  modeling  an 
enterprise  network 

Sm  BY  JEFFREY  FRITZ,  NETWORK  WORLD  LAB  ALLIANCE 

imple  questions  sometimes  don’t  have  simple  answers.When  questions  like: 
“Can  we  increase  the  bandwidth  to  our  regional  offices?”;  “Can  we  provide 
more  redundancy  for  our  critical  links?”;  and  “Can  we  do  this  and  reduce 
costs  at  the  same  time?”  are  asked  of  enterprise  network  executives,  it 
becomes  more  difficult.  Keeping  the  complex  beast  of  the  various  network  sections 
running  efficiently  at  maximum  bandwidth  and  minimum  cost  is  a  monumental  task. 


IT  Guru  10.5 


Fortunately  network-modeling  tools  let 
designers  or  operators  test  changes  to 
network  topology  before  they  are  imple¬ 
mented  in  a  production  network.  We 
recently  tested  the  ability  of  three  pack¬ 
ages  —  Opnet  Technologies’  IT  Guru 
10.5,  Analytical  Engines’  NetRule  Version 
6.0, and  Shunra  Software’s  Shunra/  Storm 
Version  3.1  —  to  model  changes  to  pre¬ 
dict  their  impact  on  the  University  of 
California,  San  Francisco  (UCSF)  cam¬ 
pus  network.  (See  How  we  did  it  at 
www.nwfusion.com,  DocFinder:  4229.) 

We  found  that  IT  Guru  was  the  most- 
accomplished  of  the  three  products.  It 
scaled  easily  to  accommodate  just  about 
any  production  enterprise  network  and 
had  powerful  tools  for  analyzing  net¬ 


work  issues.  NetRule  was  very  easy  to 
configure  and  learn,  providing  good 
modeling  tools,  especially  for  LANs. 
Shunra/Storm  did  an  especially  fine  job 
modeling  WANs.  Although  each  package 
has  specific  strengths,  all  are  competent 
packages  and  share  many  common 
analysis  tools  and  capabilities. 

Modeling  accuracy 

The  key  to  network  modeling  is  the 
ability  to  closely  match  the  generated 
network  model  map  to  the  real  network 
topology  We  wanted  to  find  out  how 
accurately  each  product  modeled 
events  such  as  link  failure,  link  change, 
device  failure, load  change, route  change 
and  link  overloading. 


IT  Guru  handled  all  these  issues  with 
aplomb.  It  let  us  implement  changes  on 
the  fly  We  could  change  factors  such  as 
Open  Shortest  Path  First  (OSPF)  link 
costs,  Hot  Standby  Router  Protocol 
(HSRP)  timers  and  OSPF  timers,  and 
immediately  see  the  impact  on  the  net¬ 
work.  IT  Guru  took  every  configuration 
change  we  threw  at  it,  and  it  accurately 
predicted  the  behavior  of  routing  proto¬ 
col  and  topology  changes.There  seemed 
to  be  nothing  too  complex  or  tricky  for 
IT  Guru. 

Changes  in  our  model  did  require 
accuracy  on  our  part.  For  example,  we 
modeled  two  HSRP-connected  routers. 
We  entered  all  the  HSRP  attributes  in 
both  routers,  but  the  HSRP  model 


OVERALL  RATING 
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Company:  OpnetTechriologies, 
www.opnet.com.  Cost: Typical  configur¬ 
ations  range  from  $50,000  to  $150,000, 
depending  on  product  module 
configuration.  Pros:  Very  scalable, 
powerful,  sophisticated  modeling, 
accepts  configurations  directly  from 
popular  network  management  packages 
such  as  HP  OpenView  and 
CiscoWorks.  Cons:  Steep  learning 
curve;  features  are  overwhelming  at 
first;  pricey. 


OVERALL  RATING 


Shunra/Storm 
Version  3.1 


Company:  Shunra  Software, 
www.shunra.com.  Cost:  $47,800  as 
tested.  Pros:  Real-time  simulation, 
excellent  for  modeling  WAN  links,  uses 
Microsoft  Visio  as  the  user  interface. 
Cons:  Less  capable  for  modeling 
enterprise  networks;  very  long  reboot 
time. 


NetRule  Version  6.0 


Company:  Analytical  Engines, 
www.analyticalengines.com. 

Cost:  $25,000  as  tested.  Pros:  Easy  to 
deploy,  user-friendly  interface,  easy  to 
learn.  Cons:  Lacks  some  of  the  features 
and  capabilities  required  for  modeling 
enterprise  networks;  no  direct  import 
from  popular  management  packages. 


The  breakdown 

IT  Guru 

Shunra/Storm 

NetRule 

Modeling  accuracy  50% 

5 

5 

3 

Performance  25% 

5 

4 

3.5 

Configuration  15% 

5 

4 

3 

Installation  5% 

4 

5 

4 

Documentation  5% 

3 

3 

4 

TOTAL  SCORE 

4.85 

4.00 

3.23 

„Key:  5:  Exceptional;  4:  Very  good;  3:  Average;  2:  Below  average;  1:  Consistently  subpar 
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refused  to  work.  It  turned  out  we  had  for¬ 
gotten  to  set  the  default  gateway  in  the 
router  configurations.  Without  this  infor¬ 
mation,  IT  Guru  simply  would  not  estab¬ 
lish  the  HSRP  session.  Because  this  is 
exactly  the  same  thing  that  occurs  in  a 
real-world  network,  we  were  impressed 
with  this  feature. 

While  NetRule  could  accurately  pre¬ 
dict  the  impact  of  many  network  topolo¬ 
gy  changes,  the  product  has  some  limita¬ 
tions  that  concerned  us.  For  example,  to 
test  load  sharing  we  created  two  links,  a 
1G  bit/sec  link  and  a  100M  bit/sec  link. 
We  reduced  the  1G  bit/sec  link  to  an 
OSPF  cost  of  zero,  expecting  the  model 
to  show  a  preference  for  the  higher- 
bandwidth,  lower-cost  link.  But  the 
NetRule  model  assumed  an  equal  cost 
between  the  1G  bit/sec  and  100M  bit/sec 
links.  Mystified,  we  called  NetRule  sup¬ 
port  and  were  informed  that  to  change 
the  OSPF  cost  we  had  to  delete  one  of 
the  existing  links  and  then  re-create  it 
with  the  new  cost.  We  couldn’t  simply 
change  the  cost  on  the  existing  links.The 
inability  to  change  costs  on  the  fly 
seemed  to  us  to  be  a  major  omission. 

The  NetRule  library  contains  a  reason¬ 
ably  large  selection  of  vendors  and  prod¬ 
ucts.  However,  it  does  allow  customiza¬ 
tion  of  any  network  models,  such  as 
changing  the  CPU  processing  power  and 
interfaces.  The  tool  does  not  check  for 
configuration  errors  or  device  inconsis¬ 
tency,  nor  does  it  check  for  IP  address 
conflicts  or  protocol  errors.  It  seemed 
that  the  model  assumes  that  users  do  not 
introduce  input  errors.  That  is  a  large, 
and  probably  unreasonable, assumption. 

A  very  nice  feature  of  Shunra’s  tool  is 
that  it  can  record  network  conditions 
directly  and  play  them  back.  This 
enables  real  applications  to  run  against 
the  simulation.  For  example,  we  could 
send  voice  packets  and  streaming  video 
between  devices  connected  to  Shunra/ 
Storm’s  StormAppliance.When  we  intro- 
See  Tools,  page  48 
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Blocks  Everything  but  Business. 


The  high-performance  PRO  Series- SonicWALL's  answer  to  your  network's 
most  intrusive  Internet  security  threats. 


Think  you're  protected  from  the  persistent  invasion  of  application  exploits,  worms,  and  malicious  traffic?  Think  again. 


The  PRO  4060  and  PRO  5060  from  SonicWALL®  provide  the  most  comprehensive  intrusion  prevention  solution  at  an  affordable  price, 
boasting  exceptional  performance  even  while  running  other  security,  mobility,  and  productivity  services. The  SonicWALL 
high-performance  PRO  Series  offers  unmatched  protection  from  application  worms,  blended  threats,  and  exploits,  including  those 
propagated  through  instant  messaging  and  peer-to-peer  applications.These  powerful  integrated  security  appliances  include  Deep 
Packet  Inspection  with  over  1 700  signatures  in  a  dynamically  updated  database.Tenacious  attacks  on  your  network  are  inevitable, 
but  with  IPS,  content  filtering,  gateway-enforced  anti-virus,  and  IPSec  VPN,  the  SonicWALL  PROs  relentlessly  combat  threats  and 
uncompromisingly  boost  your  business  productivity. 


The  SonicWALL  high-performance  PRO  Series.  Not  just  detection... prevention.  Get  to  work. 


To  learn  more  about  SonicWALL's  high-performance  PRO  Series  products  with  IPS — 
the  mandatory  element  of  network  security — contact  one  of  the  resellers  below  or  visit 
www.sonicwall.com/home/reseller.asp  to  find  a  SonicWALL  reseller  near  you. 
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PRO  5060  and  PRO  4060 


Your  91  Source  for  Network  Solutions 


Conjungi  Networks 

E2  Services 

SysIntegrators.LLC 

(866)  818-9111 

(866)  527-7100 

(718)  545-5055 

www.conjungi.com 

www.e2-services.com 

www.sysintegrators.com 
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Shunra's  Storm  3.1  appliance  excels  at  modeling  WAN  links. 


Tools 
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duced  delay  packet  loss  or  jitter,  or  re¬ 
duced  the  link  bandwidth,  we  actually 
could  see  the  video  degrade  or  hear  the 
audio  drop  out.  This  feature  makes  it 
extremely  easy  to  determine  the  minimum 
acceptable  criteria  required  for  specific 
applications  across  various  links.  We  found 
this  a  very  useful  feature.  With  IT  Guru  and 
NetRuie,  we  could  get  this  same  informa¬ 
tion,  but  it  was  presented  numerically. 

Configuration  and  performance 

With  its  optional  Multi-Vendor  Import 
(MV1)  module,  IT  Guru  can  import  config¬ 
uration  directly  from  Cisco  and  Juniper 
devices.  For  other  vendors’  gear,  Opnet 
requires  the  optional  Virtual  Network 
Environment  (VNE)  server. The  VNE  server 
supports  network  devices  from  Cisco 
Catalyst  IOS,  Extreme  Networks,  Foundry 
Networks,  Nortel  and  other  vendors.  We 
were  disappointed  that  IT  Guru  could  not 
import  more  non-Cisco  IOS  devices’  con¬ 
figurations  directly,  instead  of  requiring 
optional  products  that  cost  extra. 

There  are  multiple  ways  to  handle  the  IT 
Guru  configuration.  For  example,  it  can  use 
the  optional  VNE  server,  import  text  files 
from  CiscoWorks  or  create  network  objects 
manually.  It  also  can  query  an  HP 
OpenView  server,  which  lets  it  build  a 
model  of  the  production  network  that  is 
automatic  and  up-to-date.  However,  this 
requires  modifying  the  OpenView  server 
configuration  to  accept  connections  from 
the  workstation  that  is  running  IT  Guru.  Our 
IT  security  team  wouldn’t  give  us  access  to 
a  production  OpenView  server  from  a  test 
lab  machine, so  we  couldn’t  test  this  feature. 
Instead,  we  modeled  the  Cisco  devices  in 
our  network  using  data  provided  by  a 
CiscoWorks  text  file  export,  along  with  man¬ 
ually  created  Foundry  network  devices. 

IT  Guru  imported  the  backbone  network 
device  configuration  for  120  Cisco  devices 
from  our  CiscoWorks  file  in  less  than  3  min¬ 
utes.  Because  IT  Guru  is  very  sensitive  to 


syntax  errors,  creating  manual  configura¬ 
tions  for  the  Foundry  gear  was  a  painful 
and  time-consuming  process.To  make  mat¬ 
ters  worse,  there  was  no  warning  or  alert 
that  flagged  syntax  errors.  The  model  sim¬ 
ply  refused  to  work  properly 

For  performance,  IT  Guru  led  the  pack. 
The  product  is  very  flexible  and  scalable, 
providing  many  customization  features. 
The  user  interface  offers  several  options 
and  templates  that  let  users  drag  and  drop 
several  kinds  of  network  topologies.  This 
creates  a  product  that  is  sophisticated, 
powerful  and  complex.  At  times,  we  found 
ourselves  overwhelmed  by  its  rich  features 
and  complexity 

NetRuie  required  little  time  and  effort  to 
configure  and  build  a  network  model. The 
product  provided  a  palette  of  Cisco-specif¬ 
ic  and  generic  network  devices.  Model 
creation  is  straightforward.  Simply  drag 
and  drop  devices  from  the  NetRuie  library 
to  create  the  network,  adding  the  appropri¬ 
ate  links  and  routing  protocol  information. 
Next,  define  the  source  and  destination, 
and  the  required  resources  such  as  priori¬ 
ty,  message  bytes,  delay  and  traffic  type.  We 
felt  this  was  as  straightforward  as  a  model 
configuration  can  be. 

Unfortunately  NetRuie  does  not  interface 
with  management  packages  such  as 
OpenView  and  CiscoWorks.  NetRuie  can 
read  a  CiscoWorks  text  file,  but  not  as 
directly  as  IT  Guru.The  text  file  has  to  be  in 
the  predefined  format  that  NetRuie 
expects.  This  made  the  replication  of  our 
large-scale  production  environment  a 
labor-intensive  process.  As  a  result,  we 
couldn’t  easily  import  our  120-device  net¬ 
work  topology  into  the  product.  Instead, 
we  manually  created  a  12-router  subset  of 
our  production  network.  It  took  us  about 
30  minutes  to  model  the  12-router,  full- 
mesh  network  topology 

Once  the  model  was  completed, 
we  could  create  reports  based  on  con¬ 
figuration  changes  to  the  devices  and 
links.  The  NetRuie  reporting  feature  was 
very  good,  and  provided  a  graphical  dis¬ 
play  of  network  utilization,  delay,  traffic 


flow  and  the  like. 

NetRule’s  performance  was  acceptable.  It 
took  longer  than  we  expected  for  the 
application  to  launch,  but  once  it  started, 
NetRuie  seemed  to  operate  relatively 
quickly  in  displaying  the  result  whenever 
we  implemented  changes  to  the  model. 

Shunra’s  approach  to  network  modeling 
is  more  empirical  —  it  literally  records  the 
network  conditions  directly  and  plays 
them  back,  while  enabling  applications  to 
run  against  the  recorded  model.  Because 
of  this  approach,  some  typical  modeling 
parameters  don’t  apply  to  the  product, 
such  as  importing  network  configurations 
from  CiscoWorks  or  OpenView. 

Configuration  involved  right-clicking  on  a 
link  or  device  in  Visio  and  making  changes 
through  a  drop-down  menu. We  could  then 
observe  the  changes  on  the  network  by 
watching  how  the  applications  running 
through  StormAppliance  behaved.A  built-in 
Sniffer-like  protocol-decode  function  was  a 
plus.Shunra’s  reporting  function  produces  a 
nice  real-time  chart  that  displays  through¬ 
put  per  second  in  and  out,  queues,  delay 
and  packet  counts. 

Shunra  is  a  hardware-based,  network¬ 
modeling  product.That  gives  it  somewhat  of 
an  edge  in  terms  of  performance  over  an 
entirely  software-based  modeling  applica¬ 
tion.  In  most  instances  its  speed  was  as  good 
as  or  better  than  the  other  products  in  terms 
of  implementing  network-modeling 
changes.  However,  the  appliance  did  have 
an  annoying  tendency:  Whenever  we 
changed  certain  model  parameters,  we  had 
to  warm-boot  the  hardware.  For  example, 
switching  StormAppliance  between  Layer  2 
and  Layer  3  (switching  and  routing) 
required  a  reboot,  as  did  turning  on  and  off 
multicast.  (It’s  often  preferable  to  change 
between  switching  and  routing  in  the  same 
network  to  observe  the  performance  char¬ 
acteristics  of  a  network  model  using  Layer  2 
switching  or  Layer  3  switching/routing.) 
Adding  insult  to  injury  the  reboot  process 
was  slow  —  it  took  more  than  2  minutes. 

Installation  issues 

Opnet’s  IT  Guru  10.5  is  a  complete  prod¬ 
uct.  We  received  four  CDs  that  contained 
the  Report  Server  module,  the  IT  Guru 
application,  documentation  and  the  Opnet 
Model  Library  The  package  also  includes 
the  Application  Characterization 
Environment  (ACE),  Simulation  Runtime, 
Flow  Analysis,  Net  Doctor  and  the  ACE 
Decode  Module.There  are  numerous  mod¬ 
ules  (some  come  with  the  base  product, 
some  are  included  depending  on  the  spe¬ 


cific  configuration  ordered,  and  some  are 
optional  at  extra  cost.)  The  number  of 
modules  available  for  IT  Guru  reflects  the 
flexibility  and  complexity  of  the  product. 
This  isn’t  a  package  that  you  just  install  and 
walk  away  from.  It  has  a  plethora  of 
options  and  capabilities  that  need  to  be 
mastered  before  a  user  can  take  full  advan¬ 
tage  of  it. 

IT  Guru  installed  without  problem, 
although  it  took  nearly  10  minutes  to 
install  the  model  library  which  checks  in  at 
a  whopping  830M  bytes  of  hard  drive 
space.  We  were  surprised  that  the  installa¬ 
tion  process  required  two  complete 
reboots  to  make  the  program  ready  for  use. 

NetRuie  was  far  more  compact,  taking  up 
a  mere  13M  bytes  of  space,  but  it  doesn’t 
not  contain  the  tools  and  modules  that  IT 
Guru  has.  NetRuie  took  just  more  than  a 
minute  to  install,  with  no  reboots  required. 

The  Shunra/Storm  package  included  the 
StormAppliance  hardware,  StormCatcher 
(enables  the  capture  and  replay  of  network 
activity)  and  StormConsole.  Storm¬ 
Appliance  is  responsible  for  emulating  link 
conditions  such  as  bandwidth,  packet  loss, 
delay  and  out-of-order  packets. 
StormConsole  (a  Microsoft  Visio  macro) 
creates  the  network  model  and  is  used  as 
the  interface  to  StormAppliance.  Installation 
of  StormCatcher  and  StormConsole  was 
brief.  We  had  some  problems  attaching  our 
laptop  to  the  network  ports  on 
StormAppliance.  The  Dell  Latitude  note¬ 
books  equipped  with  100M  bit/sec  Ethernet 
PC  cards  could  not  connect  to 
StormAppliance,  while  another  Dell  laptop 
with  an  integrated  Gigabit  Ethernet  port 
connected  without  a  problem.  After  search¬ 
ing  the  documentation,  we  found  that  PCs 
must  be  connected  to  the  appliance  using 
the  supplied  crossover  cables.  We  were 
using  regular  Ethernet  cables.  The  Gigabit 
Ethernet-enabled  laptop  supported  auto¬ 
sensing  of  cable  configuration.  Shunra 
should  have  pointed  out  the  need  to  use 
the  crossover  cables  in  the  installation  sec¬ 
tion  instead  of  burying  this  in  an  appendix. 

Documentation 

The  IT  Guru  documentation  is  on  a 
CD-ROM  and  online.  If  a  customer  requires 
printed  documentation,  there  is  an  extra 
fee.  We  were  surprised  that  a  product  this 
complex  and  expensive  did  not  include 
professionally  printed  documentation. 

NetRule’s  printed  documentation  ap¬ 
peared  to  come  from  a  color  laser  printer. 
We  would  have  preferred  a  higher-quality 

See  Tools,  page  50 


Opnet's  IT  Guru  is  pricey  but  powerful. 


Middleware  is  Everywhere 


IBM.  the  IBM  logo.  WebSphere,  the  On  Demand  logo.  Express  Middleware,  and  gxpress,P$rtfolio  are  registered  trademarks  or  trademarks  of  International  Business  Macftnes 
Corporation  in  the  United  States  and/or  other  countries.  Based  on  IBM  pricing  including  software  maintenance  and  iechnical  support.  Check  witf}  ypurlocahIBM' 

representative  for  actual  pricing  Business  Partner  prices  may  vary.  •  2004  IBM  Corporation.  Jll  rights  reserved.  -  ,  .  1  '  •  t.  >•;’ "t 


Key 

IBM  EXPRESS  MIDDLEWARE™  IS  SOFTWARE. 

Software  like  WebSphere®  Express  that’s  designed 
to  help  mid-sized  businesses  connect  their  processes 
to  meet  business  goals.  On  demand.  Designed  to  work 
with  the  IT  systems  you  have.  Designed  to  be  installed 
quickly  and  easily,  with  prices  starting  at  $600t  Ask  your 
Business  Partner  about  it  -  or  you  might  miss  the  boat. 

1.  Crates  of  patio  furniture  scanned. 

2.  Quantities  verified  on  secure  database. 

3.  Timetables  confirmed  online. 

4.  Inventory  added  to  order  automatically. 
5.1,200  plastic  chairs  en  route  to  Key  West. 

Ask  your  Business  Partner  or  learn  more  about  us  s 

it  ibm.com/middleware/express  M  demand-express  portfolio 

BUILT  FOR  MID-SIZED  BUSINESS. 
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presentation,  although  the  necessary  infor¬ 
mation  was  included. 


nicely  laid  out.  We  were  disappointed  in  the 
amount  of  effort  it  took  to  dig  out  some  spe¬ 
cific  information  from  the  documentation 
(for  example, our  crossover  cable  issue). 


Shunra  provided  a  professionally  printed  Deployment  considerations 
user  manual.The  configuration  procedure  is  IT  Guru  is  extremely  powerful  and  fea-  we  sometimes  scratched  our  heads  when 


ture-rich.  Users  are  expected  to  possess 
both  a  thorough  knowledge  of  network¬ 
ing  and  the  product  itself,  giving  it  the 
highest  learning  curve  of  any  of  the  prod¬ 
ucts  we  tested. 

Even  after  a  full  day’s  training  by  Opnet, 
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Managed  In-Depth  Security 

Apani  Networks  is  a  leader  in  point-to- 
point  security,  shielding  "data-in  motion” 
from  threats  created  by  end-user  access 
from  remote  and  private  networks. 

The  Apani  Networks  solution  provides 
strong  encryption  for  seamless  data 
communication  protection  and 
centralized  management  for  access 
control.  See  us  at  www.apani.com 


Fortinet  is  the  confirmed  leader  of  the 
Unified  Threat  Management  market- 
space  and  produces  the  new  genera¬ 
tion  of  real-time  network  protection 
security  systems.  More  than  60,000 
of  the  company's  award-winning 
FortiGateTM  series  of  ASIC-accelerated 
antivirus  firewalls  are  running  at  over 
2,000  customers  worldwide. 
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VeriSign,  Inc.  (NASDAQ:  VRSN) 
delivers  intelligent  infrastructure 
services  that  make  the  Internet  and 
telecommunications  networks  more 
reliable  and  secure.  Every  day  VeriSign 
helps  thousands  of  businesses  and 
millions  of  consumers  find,  connect, 
secure,  and  transact  with  confidence, 
across  today’s  complex  global  networks. 
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we  tried  to  use  several  of  the  product’s 
advanced  features.  However,  once  we 
began  to  understand  the  product,  it  be¬ 
came  clear  that  IT  Guru  was  almost 
unlimited  in  its  capabilities. 

Network  engineers  looking  for  a  sophis¬ 
ticated  package  that  can  model  almost 
any  enterprise  network  would  find  IT 
Guru  to  their  liking. 

NetRule  doesn’t  have  all  the  bells  and 
whistles  of  IT  Guru,  but  what  it  lacks  in 
muscle  power  it  makes  up  for  in  user 
friendliness. 

After  attending  a  one-day  training  ses¬ 
sion,  we  could  create  network  models 
without  problem.  This  easy-to-learn  pack¬ 
age  does  a  decent  job  modeling  smaller- 
sized  networks,  making  it  ideal  for  model¬ 
ing  building  or  departmental  LANs. 

While  Shunra  doesn’t  compare  to  IT 
Guru  and  NetRule  for  in-depth  enterprise 
network  modeling,  it  does  show  how 
applications  and  networks  can  be  affect¬ 
ed  by  bandwidth  throttling,  link  limita¬ 
tions,  packet  delay,  jitter  and  the  like.  Using 
Visio  as  the  device  interface  was  a  bril¬ 
liant  idea. 

It  is  the  rare  network  engineer  or 
designer  who  isn’t  at  least  somewhat 
familiar  with  Visio.  This  makes  it  a  terrific 
front  end  to  Shunra/Storm,  and  signifi¬ 
cantly  reduces  the  learning  curve.  It  has 
excellent  capabilities  to  simulate  frame 
relay  T-ls  and  Gigabit  links.  This,  coupled 
with  drop-downs  that  allow  on-the-fly 
changes  to  links,  make  Shunra/Storm  a 
natural  for  modeling  WAN  connections. 

Fritz  is  the  director  of  Enterprise  Net¬ 
working  Services  for  the  University  of 
California,  San  Francisco,  and  is  responsible 
for  network  technology  development  and 
campus-wide  voice  and  data  network  oper¬ 
ations.  He  has  a  master's  degree  in  electrical 
engineering  from  West  Virginia  University, 
and  is  the  author  of  Remote  LAN  Access:  a 
guide  for  networkers  and  the  rest  of  us, 
and  Sensible  ISDN  Data  Applications, 
which  is  in  its  third  printing.  He  can  be 
reached  at  jfritz@its.ucsf.edu. 
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Fritz  also  is  a  member  of  the  Network  World 
Lab  Alliance,  a  cooperative  of  the  premier 
testers  in  the  network  industry,  each  bring¬ 
ing  to  bear  years  of  practical  experience  on 
every  test.  For  more  Lab  Alliance  information, 
including  what  it  takes  to  become  a  partner, 
go  to  www.nwfusion.com/alliance. 
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JUST  BECAUSE  THE  SYSTEM  IS  DOWN 
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DOESN’T  MEAN  THE  PEOPLE  USING  IT  SHOULD  BE 

Constant,  uninterrupted  access  to  critical  data,  systems  and  people.  Even  when  something  goes  wrong.  That’s  Information  Availability.  And  one  of  ' 
the  best  ways  to  virtually  guarantee  Information  Availability  is  by  running  your  production  systems  out  of  our  facilities.  You  manage  your  applications 
and  data  while  SunGard  Availability  Services  helps  to  ensure  that  the  infrastructure  and  technical  support  you  need  is  always  on.  SunGard  can. 
offer  a  secure  and  scalable  environment  at  a  lower  operational  cost  for  production.  Plus  we  have  over  60  state-of-the-art  hardened  facilities  with 
network,  power  and  equipment  redundancies  that  are  unparalleled.  For  a  free  copy  of  the  IDC  SUNGARD!  Keeping  People 

WhitePaper:  “Ensuring  Information  Availability”  visit  www.availability.sungard.com/idcwp.  Availability  Services  Connected." 
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These  days,  no  network  is  free  of  threats.  That’s  why  you  have  to  assign  network  security  privileges  to  everyone.  Employees,  customers, 
and  partners.  You  need  to  set  an  acceptable  use  policy  that  dictates  what  each  of  them  can  and  can’t  access.  Until  now,  you  had  to  do 
this  manually. 

Not  anymore.  Now  you  can  do  what  Baylor  University  did.  Implement  an  Enterasys  Secure  Networks™  solution  with  a  unique,  policy- 
based  system  that  empowers  the  network  to  allocate  resources  based  on  specific  users  and  their  roles.  The  network  “sees”  who  the  user 
is  and  assigns  privileges  accordingly.  This  improved  control  also  gives  you  more  security. 

3 1  s  all  about  giving  you  a  smarter  way  to  network  with  central,  intuitive  management.  Find  out  more  at  networksthatknow.com/Baylor. 
<  h-  ask  any  one  of  the  many  enterprise  customers  we’ve  worked  with  for  years. 
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■  CAREER  DEVELOPMENT 

■  PROJECT  MANAGEMENT 

■  BUSINESS  JUSTIFICATION 


Linux  lowdown 

Consider  the  options  with  open  source  certification. 


■  BY  DENI  CONNOR 

Doctors,  lawyers  and  certified  public  accountants  all  require  certification,  and  IT  con¬ 
sultant  Doug  Freyburger  doesn’t  think  expectations  of  Linux  professionals  need  to  be 
any  different. 


“They  are  respected  and  well  paid  because  of  their  certi¬ 
fications,”  says  Freyburger, a  senior  consultant  for  Collective 
Technologies  who  is  certified  by  skills-measurement  site 
Brainbench.  “To  the  extent  that  Linux  certifications  have 
the  promise  to  evolve  to  the  level  of  the  CPA  certification 
tests,  I  support  them.” 

Many  programs  have  sprung  up  to  meet  growing  interest 
in  using  Linux  certification  to  validate  technical  skills. 
Among  them  are  Brainbench,  the  Computer  Technology 
Industry  Association  (CompTIA),  the  Linux  Professionals 
Institute  and  Sair  Linux,  which  all  offer  vendor-indepen- 
dent  programs  and  testing  in  Linux.  Novell  and  Red  Hat 
offer  several  courses  and  tests  based  on  their  individual 
distributions  of  Linux.  And  the  Systems  Administrators 
Guild, a  group  of  Usenix  network  professionals,  offers  basic 
networking  exams  and  specialized  Linux,  Unix  and 
Windows  modules. 

“By  obtaining  certification,  the  applicant  has  a  respected 
third  party  willing  to  stake  [its]  professional  reputation  that 
the  candidate  has  a  certain  minimum  level  of  compe¬ 
tence,”  says  Tommy  Reynolds,  a  Red  Hat  Certified  Engineer 
(RHCE)  who  works  as  a  Linux  trainer  for  MegaCoder.com 
in  Danville,  Ala.  “Certification  is  an  independent  endorse¬ 
ment  of  one’s  abilities.” 

Ron  Gage,  a  systems  administrator  under  contract  to  IBM 
in  Southfield,  Mich.,  says  certifications  are  more  effective 
than  a  college  degree  because  they  demonstrate  actual 
knowledge  of  the  subject.  Gage  holds  the  Linux  Profes¬ 
sionals  Institute  Certification  1  (LPIC1),  the  CompTIA  A+ 
and  Network+,and  the  Microsoft  Certified  Professional  and 
says  vendor-neutral  certifications  are  the  most  useful. 

“If  you  were  trying  to  get  a  job  at  a  company  that  used 
Slackware  Linux  and  you  had  the  Red  Hat  certification, 
you  would  be  at  a  disadvantage.The  generic  certification  is 
much  more  likely  to  establish  broad  knowledge  of  multiple 
Linux  distributions,”  Gage  says. 

According  to  Reynolds,  the  particular  certification  type 
matters  less  than  the  process  required  to  obtain  it. 
Compared  to  a  multiple-choice  exam,  “a  performance- 
based  certification  program  provides  an  additional  level  of 
information  about  a  candidate’s  skill  set  by  presenting  a 
series  of  real-world  challenges  to  an  applicant  in  a  real- 
world  setting  with  pressure,  deadlines,  and  all  the  rest,”  he 
says.  He  views  the  Red  Hat  Certified  Architect  and  RHCE 
timed  lab  exams  among  the  best. 

Hands-on  Linux  experience  is  most  important  to  Joe 
Pbole,  manager  of  technical  support  for  Boscov’s  in 
Reading,  Pa.  “Certification  says  to  me  that  the  person 


passed  some  tests,”  he  says.“It  doesn’t  say  whether  there  is 
enough  practical  experience  to  do  the  job.” 

The  retailer  uses  SuSE  Enterprise  Linux  Server  on  its 
zSeries  mainframe  to  run  his  company’s  Web  site.  If  Fbole 
has  a  question  on  attaching  Fibre  Channel  storage  devices 
to  the  retailer’s  mainframe,  he  refers  to  the  IBM  Redbook: 
Linux  on  zSeries:  Fibre  Channel  Protocol  Implementation 
Guide.  “Get  out  the  IBM  Redbooks,and  give  it  a  try?’ he  says. 

Improved  options 

Reynolds  says  becoming  certified  in  Linux  should  help 
IT  administrators  get  better  jobs  or  better  pay  “Obtaining 
certification  in  Linux  helps  distinguish  an  applicant  in  a 


sea  of  job  seekers,”  he  says.“Certification  attests  not  only  to 
the  skill  competency  level,  but  also  shows  commitment 
and  a  willingness  to  go  an  extra  step  in  one’s  professional 
development.” 

But  as  much  as  IT  pros  think  Linux  certification  is  a 
pathway  to  a  better  job,  they  would  find  that  few  positions 
specifically  require  it.  A  recent  search  of  positions  on  job 
site  Dice.com  turned  up  2,900  positions  requiring  Linux 
experience,  roughly  5%  of  the  56,000  or  so  total  postings. 
As  of  early  October,  only  300  of  Dice’s  job  postings  re¬ 
quired  Linux  certification.  Of  these,  Red  Hat  topped  the 
list  with  1 18  positions,  while  SuSE  trailed  with  only  46  jobs 
requiring  it. 

Like  other  certifications,  Linux  specialists  shouldn’t  ex¬ 
pect  certification  to  drive  up  their  compensation.  “When 
Linux  adoption  began,  there  was  a  big  run  on  Red  Hat  cer¬ 
tification  and  then  the  LPIC2  came  out,”  says  David  Foote, 
president  of  compensation  analyst  firm  Foote  Partners. 
“There  was  a  bit  of  a  spike  in  pay  but  as  the  supply  equaled 
out  with  demand,  the  price  remains  stable.” ■ 


Learning  Linux 


Organization 

Certification 

Focus 

Prerequisite 

Exam  type 

Computer 

Technology 

Industry 

Association 

(CompTIA) 

Linux+  Certification 

Any  Linux  administrator 

Six  months  of  Linux 
experience 

Multiple  choice 

Linux 

Professional 

Institute 

LPIC1 

Installing  Linux  PCs,  attaching 
them  to  the  LAN 

None 

Multiple  choice 

LPIC2 

Installing  small  Linux  networks 

LPC1  and  two  years  of 
Linux  experience 

Multiple  choice 

LPIC3 

Installing  multi-site  networks 

LPIC2 

Multiple  choice 

Novell 

Certified  Linux 
Professional 

Manage  Linux  administrative  tasks 

None 

Multiple  choice 

Certified  Linux 
Engineer 

Networking  in  a  heterogeneous 
environment 

Knowledge  of  Linux 
administration 

Multiple  choice 

Red  Hat 

Red  Hat  Certified 
Technician  (RHCT) 

Installing  Linux  PCs,  attaching 
them  to  the  LAN 

No  experience 

Multiple  choice, 
hands-on  lab 

Red  Hat  Certified 
Engineer  (RHCE) 

Linux  server,  networking  and 
security  services 

RHCT  or  equivalent 
experience 

Multiple  choice, 
hands-on  lab 

Red  Hat  Certified 
Architect 

Installing  multi-site  networks 

RHCE  equivalent 
experience 

Multiple  choice, 
hands-on  lab 
Multiple  choice 

Sair  Linux 

Linux  Certified 
Administrator 

Linux  networking,  installation, 
configuration  and  security 

None 

Linux  Certitified 
Engineer 

Sendmail,  SAMBA,  Apache  and 
Linux  core  essentials 

Linux  Certified 
Administrator 

Multiple  choice 

Systems 
Administra¬ 
tor’s  Guild 
(SAGE) 

cSAGE 

Systems  administration 

Experienced  systems 
administrator  with 

mentor 

Multiple  choice,  lab 

Multiple  choice,  lab 

mSAGE 

Operating  system  and  network 
administration,  problem  solving, 
programming  proficiency 

SAGE  certification 
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Today's  focus:  Tips  for  VoWLAN  deployment 
By  Joanie  Wexler 

Network  World  Wireless  in  the  Enterprise  Newsletter 


I  recently  spoke  with  Jon  Leary,  a  product  line  manager 
in  Cisco's  wireless  networking  business  unit,  about  what 
enterprisesmight  do  to  ensure  success  with  voice  over 
wireless  LAN  deployments. 


VoIP's  fundamental  sensitivities  to  latency  and  jitter  are 
tricky  enough  to  accommodate  in  a  cabled  packet-switching 
environment.  The  situation  becomes  more  challenging  when 
using  the  less-predictable  radio- frequency  medium,  and 
delays  caused  by  inter-accesspoint  (AP)  handoffs  enter 
the  picture. 


Find  this  article  at 
www.nwfusion.com/go/wireless 
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Experience  Everything  WLANs  Can  Do  —  With  Chantry  Networks 
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The  potential  of  wireless  technology  for  enhancing  all  aspects  of  our  lives  is 
absolutely  staggering.  Unfortunately,  given  their  limited  capabilities,  many  of 
today's  wireless  networking  solutions  leave  this  potential  essentially 
unfulfilled. 


We  Made  A 


But  Chantry  Networks  has  changed  ail  that. 
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Promising 
Technology 
Live  Up  To 
Its  Promise. 


Right  now,  we're  delivering  nothing  less  than  true  wireless  mobility. 

Chantry's  BeaconWorks™  product  suite  provides  the  industry's  top  mobile 
user  management  system  that  securely  integrates  with  existing  IP  networks 
to  offer: 


Superior  performance  in  scale,  capacity  and  throughput  for  "always 
on"  voice,  data  and  video  connectivity  —  seamlessly  —  regardless  of 
user  location 


Plug-and-play  design  and  out-of-the  box  compatibility  that  leverages 
investments  in  existing  networks  and  VPNs  —  for  optimized  TCO 


Simplified  network  management  through  network  virtualization 
that  allows  unparalleled  management,  security,  quality  of  service  and 
flexible  deployment  models  to  maximize  effectiveness  of  applications 
and  the  mobile  user's  wireless  experience 


Delivering  on  the  promise  of  true  wireless  mobility 


Visit  www.chantrvnetworks.com  to  learn  how  BeaconWorks  can  help  you. 
After  all,  there's  a  lot  to  be  said  for  true  wireless  mobility  ...  and  that's  why 
we've  done  more  than  just  talk  about  it. 
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For  other  great  newsletter  topics, 
go  to  www.nwfusion.com/go/nt1018 
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Web -based  access 
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Secure  KVM  over  SP  switch 
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Cyclades  AlterPath™  KVM/net 
offers  a  unique  set  of  features: 

■  Server-based  authentication 

(NT  domain,  LDAP,  Secure  ID,  RADIUS,  TACACS+) 

■  16  and  32  port  models 

■  CAT5  cabling  up  to  500  feet 

■  User  access  logging 

■  System  event  syslog 

■  Integrated  power  management 

We've  worked  our  magic. 

Now  you  can  work  yours. 


Over  80%  of  Fortune  100 
choose  Cyclades. 

www.cyclades.com/nw 

1.888.cyclades  ■  sales@cyclades.com 


wt 

cyclades 


©2004  (ydodes  Corporation.  All  rights  reserved.  All  other  trademarks  and  produd  images  ore  property  of  their  respedive  owners.  Pradvd  information  subjed  to  change  without  notice. 


GTA  Firewall  Products 

Tough  Network  Security 


H2A  -  High  Availability 

Gigabit  Ethernet  Support 

NIC  expansions 

Affordable  pricing 

GTA  Experience  -  Building 
Firewalls  for  Over  1 0  Years 


Choose  from  5  Firewall  Appliances  to 
Match  Your  Network  Infrastructure 

Easy,  Flexible  Implementation 

Certified  to  ISCA  4.0  Corporate 
Standards 

IPSecVPN 

Surf  Sentinel®  2.0  -  Content  Filtering 


A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 


SERVERS  WITHIN  YOUR  REACH 


AUSTRALIA 


5r,«©fe  Electronics 

Stand  iff  'Road 
Texas’  77099 
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+281  933  7673 
%  ,  ,.+44  (0)  1264  850574 


+  65  6324  2322 
'+617  3388  1540 


multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 

Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry's  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 
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Rose  Electronics  is  privately  held  with  world- 
headquarters  jn  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  arid  Distributors,  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 
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FROM  ANYWHERE 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


Connects  up  to  1000  computers  to  a  KVM  station 
Models  for  4,  8,16  computers 
Advanced  visual  interface  (AVI) 

Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 
Connects  to  PS/2,  Sun,  USB,  or  serial  devices 
Converts  RS232  serial  to  VGA  and  PS/2  keyboard 
Free  lifetime  upgrade  of  firmware 
Security  features  prevent  unauthorized  access 
Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 
Easy  to  expand 
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ELECTRONICS 


RackView™ 

KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


Local  or  Remote  Server  Management  Solutions 


UltraMatrix  Remote 


REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


800  333  9343 

WWW.ROSE.COM 


Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

High  quality  video  up  to  1280  x  1024 
Scaling,  scrolling,  and  auto-size  features 
Secure  encrypted  operation  with  login  and  computer 
access  control 

Advanced  visual  interface  (AVI) 

No  need  to  power  down  servers  to  install 
Free  lifetime  upgrade  of  firmware 
Available  in  several  models 
Easy  to  expand 


Reading  someone  else’s  copy  of  igwork® 

NetworkWorid 


Apply  for  your  own  FREE 
subscription  today 

subscribenw.com/b03 


FREE  subscription 
(51  Issues) 


Apply  online  at: 

subscribenw.com/b03 


subsGribenw.com/b03 

Apply  for  your 

FREE 

Network  World 
subscription  today! 
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I  set  up  the  appliance  in  just  a  few 
minutes  and  it  found  all  my  errors. 


BlueCat  Networks 

simple,  secure  and  affordable  appliances 


Call  us: 

1.866.895.6931 


Schedule  your  free  demo  today. 

Visit  www.bluecatnetworks.com/adonis/nww 
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Adonis  DNS/DHCP  Appliance 


BlueCat  Networks,  the  BlueCat  Networks  logo.  Adonis  DNS/DHCP  Appliance,  XHA  and  the  Adonis  logo  are  trademarks  of  BlueCat  Networks.  Inc. 
Active  Directory  is  a  registered  trademark  of  Microsoft  Corporation. 


Sniffers,  probes,  and  IDS  can  be  a  network  manager's  best  friends. 
But  how  many  are  enough?  Don't  spend  thousands  on  unnecessary 
analysis  hardware  and  software. 


Centralize,  share,  and  manage  your  monitoring  equipment  with 
IntellaPatch  -  your  new  best  friend. 


IntellaPatch  features  remote  management  and  non-intrusive 
switching  capabilities.  You  save  valuable  time,  eliminate 
redundant  equipment,  and  reduce  ongoing  maintenance  costs 


Now  you  can  manage  your  sniffers,  and  your  budget,  without 
restraint. 


Ethernet 


Fibre  Channel 


SONET/SDH 


Learn  more  about  how  sniffer  sharing  with  APCON  physical  layer  switch 
solutions  will  benefit  your  bottom  line.  Visit  www.apcon.com  to  receive 
our  complimentary  product/application  guide  and  white  paper. 
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l  www.apcon.com 


1.800.624.6808 


Network  Boot  Bar 


Control  Power  on  Any  AC 
Powered  Device ... 

Via  Web  Browser,  Telnet, 
Modem  or  Local  Terminal 
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Servers,  routers,  and  other  electronic  equipment 
occasionally  “lock-up”,  often  requiring  a  service  call 
to  a  remote  site  just  to  flip  the  power  switch  to  perform 
a  simple  reboot.  With  WTI’s  Remote  Power  Switches, 
you  can  perform  reboot  and  On/Off  control  from 
anywhere! 
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Web  Browser  Access  for  Easy  Setup  and 
Operation 

Encrypted  Password  Security 

Dual  15  Amp  Power  Circuits 
Total  30  Amps  Maximum  Load 

115  VAC  and  230  VAC  Models 
Sixteen  (16)  Individual  Outlets 
RS232  Modem  /  Console  Port 
Network  Security  Features 
Power-Up  Sequencing 

Also  Available  in  4,  8  &  16  Plug  Models  and 
Horizontal  1U  and  2U  Models 

Web  Browser  Interface 
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Want  an  On-Line  Demo? 

Just  call  or  email  and  you’ll  see  for  yourself  why  so  many 
network  professionals  choose  WTI. 


Yes,  We  are  Customer  Friendly! 

V  Two  Year  Warranty 

V  We  Stock  for  Same  Day  Shipment 

V  30  Day  No-Fee  Return  Policy 

/  Start-up  Cables  and  Rack  Kits  Included 
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Inputs 
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www.wti.com 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  •  92618-2517  •  (800)  854-7226 


How  much  can  your  network  analyzer  see? 

Observer  is  the  only  fully  distributed  network  analyzer  built  to 
monitor  the  entire  network  (LAN,  802.1 1  a/b/g,  Gigabit,  WAN). 
Download  your  free  Observer  10  evaluation  today  and  experience 
more  comprehensive  real-time  statistics,  more  expert  events,  and 
more  in-depth  analysis  letting  you  dive  deeper  into  your  network 
than  ever  before.  Choose  Observer. 

-  DRRGER-  Guard  against  the  latest  network  threats  by  identifying 
and  isolating  infected  systems  automatically. 

-  DRTR  Mini  HG-  Analyze  gigabit  traffic  and  massive  amounts 
of  data  with  Observer's  expanded  options  for  data  mining. 

-JUnK  TRRFFiC-  Identify  broadcast  storms,  monitor  excessive 
traffic,  and  optimize  bandwidth  with  Observer's  many  utilization 
metrics  and  over  30  real-time  statistics. 


US  &  Canada  toll  free  800.526.5958 

fax  952.932.9545 

UK  &  Europe  +44(0)  1959569880 

www.networkinstruments.com/analyze 
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dtSearch  developer  or  multi-user  licenses  in  the  past  two  years 


Instantly  Search  Gigabytes  of  Text  Across 
HlSVCllVIl  a  PC,  Network,  Intranet  or  Internet  Site 
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Publish  Large  Document  Collections 
to  the  Web  or  to  CD/DVD 

♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  &  PDF  while  displaying  embedded 
links,  formatting  &  (IfflEMEH  - 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet, 
email,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 

dtSearch  Reviews... 


The  most  powerful  document  search  tool  on  the  market” 

—  Wired  Magazine 

Intuitive  and  austere  ...  a  superb  search  tool”  —  PC  World 

♦  “Blindingly  fast”  —  Computer  Forensics:  Incident  Response 

Essentials 

A  powerful  arsenal  of  search  tools”  —  The  New  York  Times 

♦  “Covers  all  data  sources  ...  powerful  Web-based  engines” 
—  eWEEK 

♦  “Searches  at  blazing  speeds”  —  Computer  Reseller  News 
Test  Center 
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Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 


Sentry  CDU  Cabinet  Power  Distribution 


Power  demands  from 
today's  new  servers  require 
greater  power  distribution 
in  the  equipment  cabinet. 
The  Sentry  CDU  distributes 
power  for  up  to  42  dual- 
power  1 U  servers  in  one 
enclosure.  Single-phase  or 
3-phase  input  with  110  VAC, 
208  VAC  or  mixed  110/208 
VAC  single-phase  outlet 
receptacles. 


High-density  Equipment  Cabient  Power  Distribution 

84-Outlet  Receptacles 

20,000  Watt  3-Phase  Power  Distribution  Model  < 

10,000  Watt  208  VAC  Power  Distribution  Model 

True  RMS  Power  Monitoring  per  Branch  Circuit 
Local:  Digitial  Displays,  Remote:  via  Interface 

Input  Power  Monitoring  Facilitates  Load  Balancing 

Web  Interface 

SNMP,  MIB  &  Traps  < 

Integrated  Temperature  &  Humidity  Probes 

Color-coded  Outlets  by  Branch  Circuit/Electrical 
Phase  for  Easy  Identification 

Center  Rail  "Notch"  for  Simplifying  Cabinet  Installation 


Server  Technology,  Inc. 

1040  Sandhill  Drive 
Reno,  NV  89521-USA 

BP§]  toll  free  +1 .800.835.1515 
KfiSal  tel +1.775.284.2000 
I  I  fax  +1 .775.284.2065 
www, servertech.com 
sales@servertech.com 


©Server  Technology,  inc.  Sentry  is  a  trademark  of  Server  Technology,  Inc. 


Your  FREE  subscription  includes: 


5 1  weekly  issues  divided  by  technology  sections  including: 


»-  High  News 
s-  Infrastructure 
>•  Service  Providers 
»-  Enterprise  Applications 
Net.Worker 


>-  Technology  Update 
»■  Management  Strategies 
>■  OpEd 

»•  Features/Tests 
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Go  to  http://subscribenw.com/m^ 
for  your  free  subscription  tod; 


Subscribe  today  and  receive  your  own 
1-year  subscription  for  FREE 

a  $129.00  value! 


Reading  someone 
else's  issue  of 

NetworkWorld? 


PK  Bird's  €ye 
Software 

Site  Initiator/Supervisor/ 

.  Investigator  indoor/outdoor 
mapping  W-LAN  coverage 
solution. 
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802.11  bg  W-LAN  ANALYZER 


>  2.4  GHz  SPECTRUM  ANALYZER 
>  Dual-band  802.11b  &  g  demodulators 

>  Direction  Finding  of  Rogue  AP’s 


Berkeley  Varitronics  Systems  Metuchen,  NJ  08840 

(732)548-3737  www.bvsystems.com 


FIBER  OPTIC  SOLUTIONS 


•  Tl/El  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  ISO-9001 

•  USB  Modem  and  Hub 


Toll  Free  866-SITech-l 
630-761-3640,  Fox  630-761-3644 
www.sitech-bitdriver.com  or  www.sitechfiber.com 
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Climate  Monitor 

$389 


Ethernet/Web 

Temperature 
Air  Flow 
Humidity 
Door  position 
Sound 
Light  Level 
Power 

Video  optional 
16  external  sensors 


Rack  Mounted 

Monitor  Multiple  Cabinets 

HTML  (no  client  needed) 
SMTP  (e-mail  alerts) 
SNMP  (MIB,  Traps) 
Graphing 
Console 
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See  it  working  at:  www.ITWatchdogs.com 
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Enter  code  NWW2004 
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Bally  Gaming  +  Systems  is 
seeking  a  Director  of  Research 
&  Development  for  the  MindPlay 
product  group  in  its  Las  Vegas, 
NV  office.  The  Director  will  man¬ 
age  and  develop  all  aspects  of 
software  development  for  Bally's 
advanced  table  games  manage¬ 
ment  technology  group.  This 
group  utilizes  an  artificial  intelli¬ 
gence  hardware/software  sys¬ 
tem  that  utilizes  an  embedded, 
high-speed  image  processing 
and  computer  vision  compo¬ 
nents.  Bally  requires  qualified 
applicants  to  be  "hands-on" 
managers  who  will  help  define 
the  overall  architectures,  specif¬ 
ic  interfaces  and  functionalities 
of  Bally's  system.  This  includes 
both  leading  and  assisting  elec¬ 
trical,  mechanical  and  software 
engineers  in  developing  advanc¬ 
ed  mathematical  algorithms  and 
software  specifications  and  lan¬ 
guage  for  the  optical  hardware 
and  computer  vision  software 
used  in  Bally's  system.  The 
applicant  must  be  able  to  partic¬ 
ipate  in  the  development  of  the 
system  software.  Qualified  appli¬ 
cants  must  have  a  U.S.  Bachel¬ 
or’s  Degree  or  equivalent  in 
Computer  Science,  Engineering 
or  a  related  field,  plus  seven 
years'  of  progressively  more 
responsible  experience  in  in- 
depth  object  recognition,  com¬ 
puter  vision,  algorithm  develop¬ 
ment  and  imaging  hardware 
design  for  dynamic  environ¬ 
ments.  Gaming  experience 
required.  For  consideration, 
please  send  your  resume  to: 
Bally  Gaming  +  Systems 
ATTN:  Director  of 
Technology  Recruiting 
6601  S.  Bermuda  Road 
Las  Vegas,  NV  89119-3606 


Information  Systems  Manager 

-  Reqs:  BS  degree  in  Info  Sys¬ 
tems  or  related  field.  2-yrs  exp  in 
related  occupation.  Exp.  to 
include  Network  &  Database 
Admin,  ERP  Admin,  Computer 
Programming  (Client/Server  & 
Web),  IS  Supervision  in  discrete 
mfg  environmt.  Proficiency  8 
exp.  w /  the  following  or  similar 
s/w:  Win2k  Svr,  Linux/Unix, 
SLMail/Exchange,  BackupExec, 
Symantec  AV,  ASP,  HTML, 
iHTML,  Frontpage,  VFP,  Access. 
Thorough  knowledge  &  exp.  in 
ERP  modules  incl:  Distribution, 
Mfg,  Fin.,  &  integration  of  ERP 
modules  w/  3rd  party  s/w. 
Duties:  Dev.  IT  strategies  to  sup¬ 
port  co.  goals:  recommend  req. 
h/w  &  s/w  upgrades;  work  w/ 
dept.  mgrs.  to  implement  I.S. 
apps;  Coord,  w /  vendors  for 
acquisition  of  products  8  ser¬ 
vices;  Implement  max.  network 
8  Internet  availability;  Ensure 
max. network  &  data  security; 
Maintain  user  network  accts; 
Assign  user  permissions  to  net¬ 
work  resources;  Setup  &  main¬ 
tain  network  printers  8  servers; 
Troubleshoot,  repair,  8  deploy 
apps  on  client  PC's;  Admin,  mail 
server,  network  anti-virus,  & 
RDBMS;  Perform  systems  an¬ 
alysis  &  design;  Develop  VFP 
apps;  Provide  technical  &  func¬ 
tional  support  for  existing  ERP 
s/w;  Dev.  new  ERP  prog,  which 
supports  co.  Lean  Mfg;  Dev.  web 
apps  8  assist  in  improving  exist¬ 
ing  co.  website;  Integrate  exist¬ 
ing  apps  w /  web  apps  8  create 
programs  to  synchronize  web 
data  w /  in-house  data;  other 
duties  as  assigned.  Send 
resume  to:  HRD,  Bullfrog  Inti, 
668  W  14600  S,  Bluffdale,  UT 
84065. 


AS/400  LEAD  OPERATOR: 

AS/400  Specialist  responsible 
for  daily  system  operations,  soft¬ 
ware  releases,  implementation, 
security;  admin  8  developing 
documentation.  Train  operators. 
Req  Business  Recovery  and 
management  skills.  Job  located 
in  Miami,  FL.  Supervise  6  em¬ 
ployees;  Bachelor  Degree  in 
Computer  Sciences  or  equiv 
educ  &  exp;  2  yrs  exp.  in  the  job 
offered  or  2  yrs  exp.  as  a  A/S 
400  System  Operator:  $44,080 
per  yr;  9:00am-5:30pm;  40  hr 
wk.  Send  resume  to  Agency  for 
Workforce  Innovation,  Re: 
JOFL-2565132,  P.O.  Box  10869, 
Tallahassee,  FL  32302. 


IT  PROFESSIONALS 
Manager 

(Glen  Mills,  Pennsylvania  and  other  locations  through  the  U.S.). 
Coordinate,  design  and  implement  technology  enabled  business  solu¬ 
tions  involving  integration  of  ERP/CRM  applications  such  as  Oracle  and 
Siebel  through  Tibco.  Function  as  an  integrator  between  business  needs 
and  technology  solutions,  leading  the  architecture  of  the  technical  solu¬ 
tions  by  creating  process  flows,  designing  documents,  and  developing 
and  implementing  test  scenarios.  Diagnose  client/technical  issues,  man¬ 
age  projected  time-lines  to  effectively  deliver  interfaces  according  to 
deadline.  Lead  team  of  consultants  and  provide  them  with  direction  and 
advice  on  design  of  documents,  building  interfaces,  testing  and  deploy¬ 
ment.  Serve  as  a  mentor  to  the  team  members  in  technologies  such  as 
Oracle  ERP,  Siebel  CRM,  Tibco  Adapters,  Oracle  PL/SQL,  SQL,  Java, 
C++,  and  Integration  Managers.  Manage  day-to-day  client  relationships 
at  peer  client  level.  Engage  in  overall  project  analysis  by  assessing  pro¬ 
jected  timetables,  project  expectations  and  available  financial  and  human 
capital  resources.  Participate  in  proposal  development  and  sales  pre¬ 
sentations  involving  Enterprise  Application  Integration  (EAI)  using  Tibco. 
and  Enterprise  Resource  Planning  (ERP)  applications  such  as  Oracle 
ERP. 

The  wage  offered  is  $102,000  per  year.  The  work  schedule  is  Monday- 
Friday,  9:00  am  to  5:00  pm.  The  minimum  requirements  are  as  follows: 
Bachelor's  degree  or  equivalent  in  Mechanical  Engineering  or 
Engineering  +  5  years  of  experience  in  the  job  offered  or  5  years  of  expe¬ 
rience  as  a  Manager,  Senior  Consultant,  Consultant  or  Associate 
Consultant.  Employer  will  regard  a  foreign  degree  to  be  equivalent  to  a 
U.S.  Bachelor's  degree  as  determined  by  an  accredited  credentials  eval¬ 
uation  service.  Related  experience  must  include  at  least  three  years  of 
Java,  SQL  and  C++  programming  languages  and  at  least  one  year  of  EAI 
Solutions  Middleware,  Tibco  middleware,  Oracle  ERP,  Oracle  PL/SQL 
and  Siebel  CRM. 

Please  send  your  resume  or  CV,  referencing  Job  Order  Number 
WEB460739  to  the:  PA  Careerlink,  701  Crosby  Street,  Suite  B,  Chester, 
PA  19013-6096.  EOF. 


Oracle  Applications  Database  Administrator.  Provide  production  support 
DBA  services  for  Global  Oracle  Applies,  v.11.0.3  running  on  SUN  Solaris, 
incl  all  ERP  &  CRM  modules;  provide  production  support  for  Oracle  9i 
D/base  support  for  Red  Hat  N/work  &  Red  Hat.com  running  on  Red  Hat 
Linux  7.2;  provide  DBA  services  for  Oracle  11  i  upgrade,  incl  migrating 
11.0.3  to  1 1  i  &  switching  from  SUN  Solaris  to  Linux,  &  upgrading  Oracle’s 
RDBMS  (Relational  Database  Management  System)  from  8.1.7  to  9i  &  9i 
applies  server;  migrate  8  support  Oracle  Applic  Servers  on  Apache  Web 
Server;  upgrade  8  patch  current  Oracle  Applies  using  Oracle's  std  tool 
set;  monitor  8  tune  Oracle  Applies  SQL  to  improve  performance  in  pro¬ 
duction  &  dvlpmt  envrmts;  monitor  &  adjust  growth  of  Oracle  d/bases;  pro¬ 
vide  DBA  support  for  Oracle  Applies  Dvlpmt  group  8  Red  Hat  N/work 
engrs;  dvlp,  implmt  8  support  reporting  envrmt  that  enables  Red  Hat 
employees  to  perform  data  mining  on  Red  Hat  data.  Req:  Bach  (or  equiv) 
in  Comp  Engg  or  Comp  Sci;  3  yrs  in  job  offd  or  3  yrs  as  S/ware 
Engr/Oracle  Applies  DBA;  I)  Min.  3  yrs  of  1)  Oracle  Applies  DBA  exp  on 
SUN  Solaris  or  Sequent  Dynix  systms,  incl  installation  &  implmtn  of  ERP 
&  CRM  modules,  d/bases  &  servers;  2)  Oracle  Applies  Patching;  3)  Exp 
creating  &  tuning  SQL  8  PL/SQL  scripts;  4)  Exp  in  d/base  backup  &  recov¬ 
ery  procedures,  d/base  creation,  8  DBA  maintenance  tasks  w/Oracle 
Applies;  5)  Exp  w/Oracle  Applies  advanced  performance  8  applies  tuning 
&  Unix  shell  scripting;  II)  Min.  2  yrs  of  exp  performing  upgrades  8  migra¬ 
tions  of  Oracle  Applies  systms  from  9.4.2.  to  11  i  &  Oracle  Applies  d/base 
upgrades  from  7.x  to  current  release;  III)  At  least  1  yr  practical  exp 
w/HTML  &  JSP  Also  reqd:  Willingness  8  ability  to  provide  24/7  on-call 
support,  telephonically  &  in-person,  in-house  &  at  client  sites,  on  alternate 
wks.  Hrs:  40+;  Salary:  $  85K/yr.  Interested  applicants  apply  at  nearest 
Employment  Security  Commission  office  or  send  resume  to  Employment 
Security  Commission,  3351  Carl  Sandburg  Ct,  Raleigh,  NC  27610.  All 
resumes  &  applications  must  incl  SS#  &  refer  to  JO#  NC7251711  &  DOT 
code  039.162-010. 


SYSTEMS  ENGINEER  (Tampa, 
FL)  -  Resolve  systems  design  & 
implementation  problems  for 
international  clientele  in  accor¬ 
dance  with  company  standards 
8  practices.  Initiate  &  provide 
conceptual  solutions  to  satisfy 
new  &/ or  changing  business 
rqments.  Provide  technical  eval¬ 
uations  of  hardware,  software  & 
tools  &  procedures  utilizing 
COBOL,  Easytrieve,  JCL  8  DB2. 
Determine  the  impact  on  pro¬ 
posed  changes  on  system  archi¬ 
tecture  8  provide  technical  solu¬ 
tions  to  meet  documented 
requirements  within  schedule 
Identify,  recommend  &  docu¬ 
ment  effective  design  method¬ 
ologies  &  tools  to  be  utilized  dur¬ 
ing  the  design,  coding,  testing, 
implementation  &  installation 
phases.  Monitor  system  perfor¬ 
mance  to  identify  areas  that 
need  improvement.  Position 
requires  a  Bachelor's  Degree  in 
Bus.  Admin  or  Comp.  Info 
System,  oral  &  written  fluency  in 
Spanish  &  Portuguese  &  2  yrs  of 
exp  in  the  job  offered  or  as  an 
Engineer,  Programmer  or  An¬ 
alyst.  2  yrs  of  exp  must  include 
exp  with  data  processing  using 
COBOL,  Easytrieve,  JCL  &  DB2 
M-F,  9-5,  40  hrs/wk.  $71,500/yr. 
Submit  resume  to  Agency  for 
Workforce  Innovation,  PO  Box 
10869,  Tallahassee,  FL  32302- 
0869,  Job  Order  FL-2563128 


Senior  Programmer  Analyst  -  At 
Quest  Diagnostics,  Inc,  we've 
become  the  nation's  most  re¬ 
spected  name  in  diagnostic  test¬ 
ing  by  focusing  on  integrity,  in¬ 
novation  and  qualify.  We’ve  cre¬ 
ated  an  environment  where  ded¬ 
icated  professionals  can  learn, 
grow  and  advance  -  all  in  an 
atmosphere  of  pride.  We’re  cur¬ 
rently  seeking  a  Senior  Pro¬ 
grammer  Analyst  to  be  based  in 
Lyndhurst,  NJ.  Candidate  will 
perform  overall  design  8  archi¬ 
tecture  for  IDAA  computer  sys¬ 
tem  for  order  entry  8  processing 
of  clinical  lab  tests.  Code,  de¬ 
sign,  test,  document  8  maintain 
IDAA  (Oracle/UNIX).  Utilize  iLog 
rules  and  CHARVA  to  program 
JAVA  nClasses  for  user  inter¬ 
faces.  Reqfs:  Bachelor's  degree 
in  Comp.  Sci.,  Electronics,  or 
related  field,  and  5  yrs  exp.  in 
Software  Development  Exp. 
must  include  5  yrs  exp  with 
JAVA.  UNIX,  Oracle  and  n-tier 
architecture  of  business  info 
processing  systems,  and  exp 
with  CHARVA  and  iLog  Rules. 
EOE/M/F/D/V.  Please  add 
source  code:  41625  and  forward 
your  resume  to  Email: 
Charlene.  R.Troncelliti@auest 

diaanostics.com  or  Fax:  610- 
650-2056. 
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System  Analyst.  Two  positions 
open.  Oversee  computer  system 
reqs  at  company  that  compiles 
int'l  trade  data  into  proprietary 
s/w-based  systems  to  conduct 
data  analyses.  Monitor  WAN / 
LAN  tor  bandwidth  usage,  traffic 
pattern,  &  security  loop-hole. 
Perform  security  patch,  s/w 
upgrade,  backup,  &  user  sup¬ 
port.  Maintain  CISCO  Routers, 
Switches,  PIX  Firewall,  Fiber 
optical  module,  Gigabit  network 
setup,  &  PowerVault/SAN  stor¬ 
age  solution.  Be  avail,  after- 
hours  in  emergency.  Configure 
Firewall,  DNS,  &  VPN;  set  up 
iMail  &  Anti-Spam  s/w,  Norton 
Virus  Scan,  Windows  Active 
Directory,  PDC,  BDC,  &  security. 
Assist  in  dev.  Store  Procedure  & 
Triggers.  Maintain  multiple  high 
avail,  and  perf.  databases  (con¬ 
sisting  of  int'l  trade  data  w/diff. 
currencies  &  trade  terminology). 
Implement  Microsoft  SQL  Secur¬ 
ity,  linked  server,  log  shipping, 
reporting  services,  &  server  farm 
configuration.  Assist  in  s/w  test¬ 
ing  &  client  support.  Prereqs: 
Bach,  in  computer  sci.,  comput¬ 
er  eng,  or  related  field,  PLUS  2 
yrs  in  job  offered  OR  2  yrs'  in 
computer  system  administration 
or  database  design.  Post  grad, 
ed.  in  computer  sci.  or  computer 
eng.  may  substitute  up  to  2  yrs' 
prereq  exp.  Competitive  Salary. 
Job  Location:  Columbia,  SC. 
Respond  to;  Global  Trade 
Information  Services  Inc.;  ATTN: 
R.  Locklear;  DOL-JK-1;  2218 
Devine  St;  Columbia,  SC  29205. 


BCCUSA,  Inc  -  South  Portland, 
ME  needs  experienced  Pro¬ 
grammer  Analyst  having  a  Bach¬ 
elors  Degree  with  minimum  two 
years  of  progressive  work  expe¬ 
rience  in  developing  Sybase 
applications  using  Sybase/ASE 
12.5/12/11.5,  T-SQL,  Actuate 
and  MQ  Series.  Should  have 
experience  in  performance  tun¬ 
ing  of  Stored  Procedures  and 
SQL  queries  using  Showplan  & 
Statistics  I/O.  Should  have  expe¬ 
rience  in  writing  scripts  using 
Unix  Shell  and  PERL  to  auto- 
mize  day  to  day  manual  pro¬ 
cess.  Must  have  used  utilities 
like  BCP,  DEFNCOPY,  FTP. 
Prefer  experience  in  Database 
backup  and  restore.  Competi¬ 
tive  salary  and  benefits.  M-F,  40 
hours/week.  Please  mail  your 
resume  to  BCC  USA  Inc.,  HR 
Department,  650  Main  Street 
Suite  201,  South  Portland,  ME  - 
04106. 


Programmer  for  sys.  analysis, 
d/zn.,  &  dev.  of  large  enterprise 
applns.  w /  d/base  &  internet 
tech.  Use  obj.  oriented  d/zn  & 
structured  sys.  analysis  &  d/zn., 
s/w  dev.  &  intgrn.  on  multiple 
CPU  servers.  S/W  dev.  w / 
J2EE,  Java,  XML,  DTD,  Perl, 
PHP4,  C,  Pro*C,  Socket  &  Shell 
program,  on  UNIX.  Sys.  integrn. 
on  Sun's  1280  servers  w/ 
SAML,  Weblogic,  iplanet  web 
servers.  D/base  d/zn  &  prog,  in 
Oracle  us/ng  SQL  &  PL/SQL. 
Intgrn.  of  Kenan's  billing  w / 
ISP's  op/n.  supp.  s/w.  Intgrn  of 
external  a/c  agg.  s/w  w/  online 
bnkg.  s/w.  BS  in  CS  +  2  yr  exp. 
in  job  duties.  Comp,  salary. 
Apply:  Unilinx  -  Code  RV,  4625 
Alexander  Dr.,  #110,  Alpharetta, 
GA  30022  with  proof  of  perm. 
W/k  authzn. 


Fixed  Income  Analytics  Integra¬ 
tion  Developer,  Wachovia  Sec¬ 
urities,  Charlotte.  Provide  tech¬ 
nological  and  analytical  support 
to  primary  trading  areas.  Reqs. 
MA  in  Math  or  Eng.  2  yrs  exp.  in 
pos.  offered  or  as  a  Software 
Developer,  Information  Technol¬ 
ogy  Officer,  or  Mathematician. 
The  2  yrs  exp.  must  incl.  work 
developing  and  integrating  ana¬ 
lytics  for  capital  markets  trading. 
1  yr.  exp.  must  incl.  work  with 
Java,  relational  databases  and 
object  oriented  design.  M-F,  8- 
5,  Send  resume  to  Meredith 
Elberson,  Wachovia  Corp.,  401 
South  Tryon  Street,  15th  Floor, 
Charlotte,  NC  28288-0475.  No 
phone  calls. 


Software  Engineer  sought  by  D- 
T-H  satellite  television  company 
in  Littleton,  CO  to  work  in  Engle¬ 
wood, CO  &  other  unanticipated 
job  sites  in  the  U.S.At  a  senior 
level  engage  in  full  life-cycle 
software  development  of  manu¬ 
facturing  &  financial  software  ap¬ 
plications  in  a  client/server  envi- 
ronment.The  applications  incor¬ 
porate  the  ORACLE  relational 
database  management  system 
&  operate  using  UNIX,  Windows 
or  DOS  operating  systems.  An¬ 
alyze  requirements;  create  de¬ 
signs;  code,  test,  debug,  modify 
&  implement  the  software  appli¬ 
cations.  Create  documentation 
&  provide  customer  support  as 
needed. Maintain  existing  appli¬ 
cations  &  systems,  including  up¬ 
grading  applications.  Utilize  PL/ 
SQL,  ShellScript  &  Developer 
2000  in  designing  &  developing 
the  software  applications.  Re¬ 
quires  a  bachelor's  degree  or 
foreign  equivalent  in  computer 
science  or  related  field.  2  years 
experience  completing  full  life- 
cycle  software  development  of 
applications  in  a  client/server 
environment  which  incorporates 
the  ORACLE  relational  data¬ 
base  management  system  &  us¬ 
ing  PL/SQL,  ShellScript  &  Dev¬ 
eloper  2000-type  tools.  8AM- 
5PM,  M-F;  $75, 000/year.  Res¬ 
pond  by  resume  to:  Employment 
Programs,  PO  Box  46547, 
Denver,  CO  80202  &  refer  to  job 
order  No.  CO5094561. 


COMPUTER  GRAPHIC 

ARTIST/ILLUSTRATOR 

Design  &  create  computer  gra¬ 
phics;  paint  illustrations  &  hand 
sketches  for  web  sites  &  market¬ 
ing  material;  design  logos  & 
other  digital  imaging  /  print  work. 
Create  animated  objects  &  char¬ 
acters  using  hand  drawing  & 
sketching  for  products  &  service 
presentation.  Req.  exp  in  fine 
arts,  graphic  design  &  3D  ani¬ 
mation  to  support  internal  mar¬ 
keting  &  Web/Internet  efforts. 
Exp  in  setting  printer  services; 
Job  located  in  Fort  Lauderdale; 
Bachelor  in  Graphic  Design  or 
equiv  educ  &  exp;  2  yrs  exp.  in 
the  job  offered;  $21 .55  per  hour; 
9:00am-5:00pm;  40hr  wk.  Send 
resume  to  Agency  for  Workforce 
Innovation,  Re:  JOFL-  2565636, 
P.O.  Box  10869,  Tallahassee,  FL 
32302. 


Senior  Java  Web  Developer, 
Wachovia  Corp.,  Charlotte,  NC. 
Responsible  for  Java  dvlp.  on 
authentication  and  hosting  dvlp. 
team  using  standard  dvlp.  life 
cycle  methodology  on  projects. 
Reqs.  BA  Info.  Systems  or  Eng. 
&  3  yrs  exp.  in  position  offered  or 
as  a  Software  Developer,  Pro¬ 
grammer,  or  Software  Eng.  The 
3  yrs  exp.  must  incl.  Java  dvlp. 
using  J2SE  and  J2EE  on  Win¬ 
dows  and  UNIX  platforms,  work 
with  Oracle,  SQL,  C/C++,  devel¬ 
oping  N-tier  Java  appl.  for  appl. 
servers  (i.e.  WebSphere,  Web- 
Logic,  iPlanet)  and  SDLC  meth- 
odolog  and  work  with  cryptogra¬ 
phy  tools.  M-F,  8-5,  Send  res¬ 
ume  to  Randall  Buck,  Wachovia 
Corp.,  1525  West  W.  T.  Harris 
Blvd.  Bldg.  3A1,  Charlotte,  NC 
28262.  No  phone  calls. 


IT  Financial  Analyst  needed 
to  provide  account  mgmt, 
sales  &  bus  dvlpmt, 
resource  staffing  &  out¬ 
sourcing,  product  dvlpmt  & 
mgmt  of  large,  mission-criti¬ 
cal  IT  projects;  build  &  man¬ 
age  multi-million  $  portfo¬ 
lios;  conduct  presentations. 
Resume  to:  Global  Con¬ 
sultants,  Attn;  Hireme,  25 
Airport  Rd,  Morristown,  NJ 
07960 


Computer  Professionals 
(Multiple  Openings) 

Software  Engineer/Systems 
Analyst/Database  Administra¬ 
tor/Network  Administrator, 
Milwaukee,  Wl.  Must  have 
bachelors  degree  or  equiva¬ 
lent  and  experience  in  some 
of  the  following  skills:  C/C++, 
Java,  Web  Methods,  Cold  Fus¬ 
ion,  Microsoft  Technologies  (Vis¬ 
ual  Basic,  .NET,  ASP)  CRM 
(Siebei,  Clarify,  Vantive),  Middle 
Ware  Technologies  (Orbix,  Cor- 
ba,  Tibco,  Vitria)  Data  Ware 
Housing  Tools  (Informatica, 
Data  Stage,  Abinitio,  Business 
Objects,  Cognos,  Micro  Strate¬ 
gy,  Brio)  ERP  (SAP,  People  Soft, 
Oracle  Apps,  Baan),  Mainframe 
(Cobol,  CICS,  JCL,  VSAM)  AS- 
400,  Ecommerce,  Databases 
(SQL  Server/Oracle/DB2/Sy- 
base),  Microsoft  Windows  (95/ 
98/NT/2000, Exchange),  UNIX 
(Sun  Solaris,  HP,  AIX),  Linux 
and  QA(Win  Runner,  Load  Run¬ 
ner,  Silk,  Quickpro,  Manual  Test¬ 
ing).  Position  requirement: 
Must  be  willing  to  travel  and 
/or  relocate  per  project  speci¬ 
fication. Mail  your  resumes  to: 
iobs@iksolutionsinc.com. 

or 

Human  Resource  Director 
IK  Solutions  Inc. 

1840  N.  Farwell  Ave,  Suite  #  306 
Milwaukee,  Wl  53202 


Programmer  Analyst.  Sought  by 
Englewood  Colorado  consulting 
company  to  work  in  various  un¬ 
anticipated  locations  throughout 
the  U.S.  Duties:  Analyze,  plan, 
develop,  test  and  document 
computer  programs  including 
business  and  database  server 
applications.  Evaluate  user  re¬ 
quests  and  software  program 
requirements  for  new  and  modi¬ 
fied  programs.  Write  specifica¬ 
tions,  code,  test  and  debug  com¬ 
puter  programs.  Analyze  and 
design  databases  within  an 
application  area.  Use  of  SQL 
Server,  PL/SQL,  Visual  Basic, 
ASP,  XML,  Crystal  Reports, 
Oracle  and  Windows  NT.  Reqs. 
Bachelor  or  equivalent  in  Com¬ 
puter  Science,  Business  Admin¬ 
istration;  Management  Informa¬ 
tion  Systems  or  related  field. 
Plus  1  year  in  the  job  offered  or 
1  year  in  a  related  occupation, 
including  Consultant,  Application 
Developer.  $55, 744/year,  40/hrs 
/wk,  8:00AM-5:00PM.  Respond 
by  resume  to  WORKFORCE 
DEVELOPMENT  PROGRAMS, 
PO  Box  46547,  Denver,  CO 
80202,  and  refer  to  Job  Order 
No.  CO5093663. 


Senior  Programmer/Analyst  Re¬ 
sponsible  for  design,  develop¬ 
ment,  analysis,  test,  implemen¬ 
tation  and  maintenance  of  GUI 
of  FLiCA  (Flightline  Internet 
Crew  Access)  for  different  air¬ 
lines  under  client/server,  web- 
based  and  wireless  environ¬ 
ments  using  C++,  CGI  Script, 
Delphi,  DHTML,  JavaScript, 
Transact  SQL  stored  procedure, 
multiple-threaded  application 
and  object-oriented  program¬ 
ming  under  windows  98/2000/ 
XP/NT;  Requirements:  A  self¬ 
starter  who  is  able  to  work  inde¬ 
pendently  with  minimum  super¬ 
vision;  Bachelor  Degree  of 
Computer  Science  or  a  related 
field  with  five  or  more  years  of 
equivalent  work  experience. 
Working  Hours:  40hours/week; 
Salary:  $67500/year.  Send  res¬ 
ume  to:  Mr.  Jeff  Copelan  at: 
Flightline  Data  Services,  Inc., 
404  Line  Creek  Drive,  Suite  4, 
Peachtree  City,  GA  30269. 


Leading  software  development 
company  seeks  software  engi¬ 
neers.  Qualified  applicants  must 
have  Masters  degree  or  (US 
equiv)  in  Computer  Science, 
Computer  Information  Systems 
or  Computer  Engineering,  at 
least  2  years  experience  in  posi¬ 
tion  offered  or  as  a  Software 
Developer,  Software  Analyst, 
Systems  Analyst  or  Technical 
Architect  and  experience  with 
Java,  J2EE,  NET,  Clarify,  ERP, 
Oracle,  Rational  Rose  and  Unix, 
Qualified  applicants  send  res¬ 
ume  and  salary  requirements  to 
Princeton  Information,  Ltd., 
13200  Metcalf  Ave,  Ste  260, 
Overland  Park,  KS  66213.  Attn: 
JF. 


SAP  Consultant  needed 
w/2  yrs  exp  in  computer 
programs  using  MM, 
SD,  FI,  CO,  CRM,  BW 
modules  in  SAP  R/3 
w/Oracle  on  Unix  & 
Windows  as  the  presen¬ 
tation  server  employing 
Rapid  Application  Dev¬ 
elopment  (RAD)  & 
Object  Oriented  Meth¬ 
odologies.  Mail  resumes 
to:  Technisoft  Inc.  1279 
Colts  Lane,  Yardley, 
PA19067. 


SOFTWARE  CONSULTANT 

Analyze  &  evaluate  existing  or 
proposed  software  systems. 
Dvlps,  implements  &  improves 
progs.,  sys.  &  related  proce¬ 
dures  to  process  data  using  in- 
depth  knowledge  of  software 
dvlpmnt  life  cycle.  Encodes, 
tests,  debugs  &  installs  operat¬ 
ing  progs.  &  other  sys.  software 
utilizing  ERP  Package  software 
(incl.  MFG/PRO,  SYMIX  &  Pro¬ 
gress)  as  well  as  the  Progress 
4GL  programming  language. 
Bachelor's  degree  (or  equiv.)  in 
Comp.  Sci.,  Math,  Engnrg,  Bus. 
or  Commerce  +  2  yrs  exp.  in 
position  offered  or  as  a  Software 
Engnr,  Prog.  Analyst  or  Sys. 
Analyst  reqd.  Exp.  must  incl:  (a) 
ERP  Package  software  incl. 
MFG/PRO  or  SYMIX,  (b) 
Progress  Database  &  Progress 
4GL,  (c)  Oracle/RDBMS,  &  (d) 
UNIX  Systems.  High  mobility 
preferred.  40  hrs/wk,  OT  as 
reqd,  8  am  -  5  pm,  $66,730/yr. 
Submit  resume  to:  Mon  Valley 
Regional  CareerLink,  Donora 
Industrial  Park,  570  Galiffa 
Drive,  Donora,  PA  15033-1385. 
Refer  to  Job  Order  No.  WEB 
462523. 


COMPUTERS  -  SENIOR  SYST¬ 
EMS  ADMINISTRATOR  -  Finan¬ 
cial  Management  firm  seeks 
Senior  Systems  Administrator  to 
manage,  maintain  and  upgrade 
Solaris/Unix-based  network's 
central  backup  system,  including 
STK  L6000  library  with  STK 
9940B  tape  drives.  Duties  in¬ 
clude  installation/maintenance 
of  the  batch  system  PBS  and  of 
Solaris/Linux  systems;  central 
LDAP  service;  internal  company 
webservice;  central  CUPS- 
based  print  service;  user  sup¬ 
port  and  security.  Master's 
degree  in  Computer  Science  or 
Computer  Studies  and  2  years 
exp.  in  job  duties  required.  Will 
accept  candidates  with  2  years 
experience  as  Systems  Adminis¬ 
trator  of  high  speed  networks  in 
UNIX  environment.  Mail  resume 
to  RTC,  600  Route  25A,  East 
Setauket,  NY  11733,  Attn:  JR. 


Analyst/Project 
Programmer,  Lead 

The  Medical  College  of  Wiscon¬ 
sin  is  seeking  an  analyst/project 
programmer,  lead  for  its  Bioen¬ 
gineering  and  Biotechnology 
Centerto  develop  techniques  for 
analysis  of  data  from  microarray 
and  proteomics  experiments. 
Candidates  must  possess  a 
Master's  degree  in  computer 
science,  computing,  bioinformat¬ 
ics  or  related  and  have  knowl¬ 
edge  of  microarray  data  analysis 
using  Singular  Value  Decompo¬ 
sition,  Statistical  Modeling  of  Mi¬ 
croarray  Data,  and  programming 
using  MATLAB  software.  Three 
years  of  prior  experience  as  a 
software  engineer  or  computer 
programmer  is  also  required. 
To  apply  send  cover  letter  and 
resume  to  Medical  College  of 
Wisconsin,  Employment  Office- 
JMC1018,  8701  Watertown 

Plank  Rd.,  Milwaukee,  Wl 
53226,  fax:  414-456-6502. 


Senior  Client  Server  Develop¬ 
er/Analyst.  Code  business  log¬ 
ic,  GUI  Interfaces  and  database 
interfaces  using  database  spe¬ 
cific  languages.  Design  and 
develop  GUIs  and  screens  (e.g. 
develop  screen  application  tem¬ 
plates;  design  windows,  dia¬ 
logues,  menus  and  toolbars  for 
complex  processes  and  work- 
flows).  Develop  and  coordinate 
the  testing  process  from  small 
application  releases  or  complex 
software  enhancements.  Re¬ 
search  and  recommend  prod¬ 
ucts  and  new  technologies  for 
the  client/server  environment. 
Req.  a  Bach.  Deg.  Or  equiv.  in 
Comp.  Sci.,  Eng.,  Math  or  a 
related  field,  and  2  yrs  of  exp.  in 
the  job  offered,  Software  Appli¬ 
cations,  Develop,  and/or  soft¬ 
ware  eng.  Qualified  candidate 
must  have  at  least  2  yrs  exp.  in 
interface  screen  design/develop, 
and/or  client/server  program¬ 
ming  develop.  Job  located  in 
Jacksonville,  FL.  $85,267/yr.  40 
hrs/wk,  M-F,  9am  -  5pm.  Send 
resumes  to:  Agency  for  Work¬ 
force  Innovation,  Ref:  FL- 
2562153,  P.O.  Box  10869, 
Tallahassee,  FL  32302. 


Software  Engineer:  For  co.  spe¬ 
cializing  in  mktg  &  mnfg  of  com¬ 
puter  software,  design,  code, 
implement  &  test  complex  prod¬ 
uct  enhancements.  This  incl¬ 
udes  researching  new  feature's 
concepts  &  establishing  plans  & 
coordinating  them;  analyze 
problems  &  suggest  innovative 
solutions;  design  &  test  plans; 
train  &  review  design  work  of 
programmers.  Reqs:  Bachelors 
or  equivalent  w /  computer  relat¬ 
ed  coursework  incl.  operating 
systems,  programming  lan¬ 
guages,  computer  application 
development.  3  yrs  exp  in  job 
offered  or  3  yrs  of  programming 
exp.  Exp  must  incl.  Software 
Configuration  Mgmt,  incl.  devel¬ 
oping  &  supporting  version  con¬ 
trol,  defect  mgmt,  change  con¬ 
trol,  Release  Engineering,  Rat¬ 
ional  Clearcase  version  control, 
Multisite,  VOB/View  mgmt.  Pro¬ 
ficiency  in  PERL  Scripting, 
BATCH  Scripting,  Triggers, 
Make,  ClearMake,  Omake, 
UNIX,  Linux,  Windows. 
40hrs/wk.  Send  res.  R-4,  P.O. 
Box  17182,  Phila.,  PA  19105. 


ImageVision.Net,  Inc.  seeks 
Computer  Programmer  in  our 
Middletown,  PA  loc.  Analysis  & 
design  of  software-based  solu¬ 
tions  using  scripting  languages 
in  web  environ.  &  latest  dev.  lan¬ 
guages.  Software  testing  &  doc¬ 
umentation.  Understand  &  ad¬ 
here  to  project  plans.  Use 
Oracle  and  System  Develop¬ 
ment  Lifecycle  process  &  tools 
including  NT  based  web  tech¬ 
nologies,  IE  5.0  and  Netscape 
4.72  browsers,  HTML,  DHTML, 
VB  Script,  Java  applet,  CGI/BIN, 
ASP  and  XML.  Must  have  Bach¬ 
elor  in  Comp.  Science,  Bus. 
Information  Systems,  or  related 
+  6  months  relevant  experience. 
Resume  to  Carolyn  Smith, 
ImageVision.Net,  Inc,,  Twelve 
Oaks  Center,  1801  Oberlin 
Road,  Middletown,  PA  17057. 


Software  Engineer  III.  Develop, 
operate,  maintain  distributed 
software  systems;  lead  team  of 
programmers  developing  soft¬ 
ware  projects;  utilize  MS  SQL  to 
program  &  manage  database 
applications;  perform  software 
costing;  use  3D  programming  to 
build  web  applications.  Require¬ 
ments:  Masters  in  Comp.  Sci.  or 
related  field  PLUS  3  yrs.  exp.*  in 
job  or  as  Software  Engineer/ 
Programmer  incl.  2  yrs.  using 
MS  SQL  &  3D  programming.  *ln 
lieu  of  Masters  &  3  yrs.  exp.,  will 
accept  Bach,  in  Comp.  Sci  or 
related  field  plus  5  yrs.  exp.  in 
job  or  as  Software  Engineer/ 
Programmer  incl.  2  yrs.  using 
MS  SQL  &  3D  programming. 
Send  CV  to  Tietronix  Software 
Inc.,  attn:  HR,  1331  Gemini, 
#300,  Houston,  TX  77058, 
fax:  281-461-9350,  email: 

info@tietronix.com. 


Senior  SAP  Computer  Systems 
Analyst  (National  Placement) 
Must  be  able  to  analyze  systems 
supporting  business  processes, 
design  solutions  using  SAP  R/3 
4.6C,  perform  configuration,  tes¬ 
ting,  develop  programs  using 
ABAP  to  meet  business  require¬ 
ments,  develop  interfaces  using 
EDI,  IDocs,  BAPIs,  perform  sys¬ 
tem  validations.  Must  have  mini¬ 
mum  5  years  of  strong  function¬ 
al  experience  in  customizing, 
implementing  SAP  R/3  Logistics 
-  MM/WM,  IM,  LIV,  Procure¬ 
ment,  AP,  AR,  MRP,  PP  and 
Batch  Management.  Thorough 
understanding  of  SD,  FI  &  expe¬ 
rience  in  integrating  SAP  R/3 
with  i2  TMx  suite  of  products  is 
required.  4  yr  Bachelor  Degree 
in  Management,  Engineering, 
Computer  Science,  Mathemat¬ 
ics,  MIS,  CIS  or  Foreign  Equiva¬ 
lent  required.  $100,000/yr,  40 
hrs/wk,  9a  -  6p.  Send  resumes, 
listing  Job  Order  #  WEB461166 
to  Site  Manager,  Beaver  County 
CareerLink,  2103  Ninth  Avenue, 
Beaver  Falls,  PA  15010-3957. 


Computer  Network  Engineer 
sought  by  computer  networking 
design  company  in  Greenwood 
Village,  CO  to  work  in 
Greenwood  Village  and  other 
unanticipated  job  sites  in  the 
U.S.  Under  close  supervision, 
performs  moderately  complex 
tasks  in  the  design  and  installa¬ 
tion  of  data  communication 
servers  and  networks  running 
TCP/IP  on  Windows  NT/2000  or 
Unix  platforms.  Implements  net¬ 
work  servers  and  hardware  uti¬ 
lizing  Active  Server  Pages, 
QPSK  telecommunication  dev¬ 
ices  and  hardware  level  pro¬ 
gramming  for  network  chipsets. 
Requires  bachelor’s  or  foreign 
equivalent  in  electrical,  electron¬ 
ics  or  computer  engineering;  1 
yr  exp  performing  the  core 
duties  and  utilizing  the  technolo¬ 
gies  described  above.  M-F; 
8am-5pm;  $45,000/yr.  Respond 
by  resume  to  Employment 
Programs,  PO  Box  46547, 
Denver,  CO  80202  and  respond 
to  JON  CO5092241 


Intercall,  Inc.  has  five  openings 
for  Software  Engineers  to  lead 
teams  to  design,  develop  prod¬ 
ucts  for  the  telecom  industry 
using  VB,  Power  Builder,  De¬ 
veloper  2000,  Seagate  Crystal, 
Java,  XML,  HTML,  OOP,  OOD, 
Oracle,  Sybase,  system  archi¬ 
tecture  and  programming  on 
Unix,  Windows  NT  platforms; 
analyze  business  processes  to 
determine  requirements  which 
conform  to  overall  strategic  plan 
and  provide  operations  support; 
train  end  users  and  team  mem¬ 
bers.  Require  MS  (or  foreign 
equiv)  in  CS/Engineering  (any 
branch)/related  field  &  1  yr  exp 
in  IT  or  BS  (or  foreign  equiv)  in 
one  of  the  above  fields  with  3  yrs 
exp  in  IT.  F/T.  Competitive  sal¬ 
ary.  Travel  involved.  Resumes  to 
HR,  Intercall,  Inc.,  1211  O.G, 
Skinner  Drive,  West  Point,  GA 
31833,  Please  refer  Job 
ICI0904. 
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Computer  Systems  Analyst  III, 
Wachovia  Corp.,  Charlotte,  NC. 
Administer  Argo  ECS  4.0  sys¬ 
tem  and  serve  as  Mid-tier  Type 
Architecture.  Reqs.  BA  in  Info. 
Tech,  and  2  yrs  exp.  in  pos. 
offered  or  as  a  Network  Tech. 
Consult.  The  2  yrs  must  incl. 
exp.  networking  GUI  for  existing 
mainframe  and  data  in  a  fin. 
institution  (i.e.  ARGO/Bankpro) 
and  work  designing  &  imple¬ 
menting  a  mid-tier  architecture 
platform  &  troubleshooting  net¬ 
work  problems  w /  Ethernet,  IP 
and  SNA  protocals,  switches, 
routers  and  probes. M-F,  8-5, 
Send  resume  to  Jane  Higgins, 
Wachovia  Corp.,  401  S.  Tryon 
Street,  27th  Floor,  Charlotte,  NC 
28288-0475.  No  phone  calls. 


Purchaser  wanted  by  a 
computer  components 
company  in  Holbrook,  NY  to 
purchase  computer  chips 
and  other  components  for 
resale.  3  yrs  related  exp. 
req'd  and  must  be  familiar 
with  overseas  supply 
sources.  Resume  only  to 
CMB  Components,  Inc., 
630  Broadway  Avenue, 
Holbrook,  NY  11741;  Attn: 
Peter  Castellama. 


Programming  Instructor  De¬ 
velopment  special  teaching 
programs  for  refreshment 
courses.  Borland  Interbase 
MUI  Development,  MS  Ac¬ 
cess,  VB,  Delphi,  PL/SQL, 
ODBC,  Win2000/XP.B.S.  in 
C.S.  Provide  User  train¬ 
ing, database  troubleshoot¬ 
ing,  perfom  buckup  and 
recovery  procedures.  Res¬ 
ume  A-soft  Scientific,  P.O. 
Box  1270,  Roswell,  GA 
30077. 


Programmer/Analyst 

Leominster,  MA  -  Plan,  dev, 
test  &  doc  comp  sftwr  for 
MRPII/  ERP  using  Win  CE, 
wireless  netwk,  embedded 
visual  studio,  pocket  PC, 
Borland  C++,  RPG,  ASP, 
XML,  HTML,  COM,  DCOM, 
VB,  Java,  PL/SQL  w/MS  SQL 
Server  &  DB2  db’s.  Bach¬ 
elor's  degree  in  Comp  Sci. 
Min  2  yrs  exp.  Send  resume 
to:  Director  of  IT,  Alpha  Wire 
Co.,  711  Lidgerwood  Ave, 
Elizabeth,  NJ  07207. 


Programmer  Analysts  to  design, 
develop,  test,  implement  appls 
using  Siebel  tools,  C,  C++,  Java, 
ASP,  Oracle,  JavaScript,  VB¬ 
Script,  HTML,  JDK,  JDBC,  Visu¬ 
al  Basic,  etc  using  UNIX  and 
Windows  OS;  develop,  enhance 
components  of  new/existing 
appls  and  databases;  perform 
reqs  gathering,  analysis,  plan¬ 
ning,  testing,  implementation  & 
troubleshooting.  Require:  BS  or 
foreign  equiv  in  CS  or  Engg(any 
branch)  with  2  yr  exp  in  IT.  High 
salary.  F/T  position.  Travel 
involved.  Resume  to  HR,  Smart- 
soft  International,  Inc.,  3965 
Johns  Creek  Court,  Ste  500, 
Suwanee,  GA  30024. 


Programmer  Analyst  (Multiple 
Positions)  needed  w/2  yrs  exp  to 
design,  develop,  deploy  &  man¬ 
age  applications,  design  backup 
&  fault  tolerant  solutions  using 
Designer,  Visio,  OEM,  Rational 
Rose,  PVCS,  TOAD,  SQL, 
PL/SQL,  Shell  programming 
with  Oracle  &  SQL  Server  as 
RDBMS  on  Windows  &  Unix. 
Mail  res  to:  Empower 
Technology  Solutions  Inc.,  120 
Quarry  Dr ,  2nd  Fir,  Milford,  MA 
01757. 


enterprise  integration 
network  vulnerabilities 
corporate  data  security 
government  compliance 
mobile  &  wireless  security 
business  management  needs 


The  right  IT  professional 
can  jump  the  hurdles  of 
today  s  IT  challenges. 


Call: 

(800)  762-2977 


Computers-Programmer 
/Analysts  needed.  Seek¬ 
ing  qual.  candidates  pos¬ 
sessing  BS  or  equiv. 
and/or  rel.  work  exp.  Part 
of  the  req.  relevant  exp. 
must  include  2  yrs.  work¬ 
ing  with  ClearPath  IX/ 
2200,  SSG  &  DEPCON. 
Fwd.  resume  &  ref.  to: 
Vennsys,  LLC,  Attn:  HR, 
5440  Willow  Rd.,  #117, 
Waunakee,  Wl  53597. 


DBAs  to  install,  configure,  main¬ 
tain  Oracle  Appls  and  Oracle 
Dev.  software;  evaluate,  design 
existing/proposed  Oracle  db 
structures/systems;  analyze  da¬ 
tabase  reqs  of  existing/new 
appls;  monitor  performance, 
tune,  backup/recovery  strategy 
planning,  and  troubleshoot 
problems;  maintain  security  of 
databases.  Require  BS  or  for¬ 
eign  equiv.  in  CS  or  Engg  (any 
branch)  with  2  yrs  exp  in  data¬ 
base  admin.  Comp,  salary.  Tra¬ 
vel  involved.  F/T  openings  in 
Elgin,  IL  &  Lower  Gwynedd,  PA. 
Resume  to:  HR,  Fourth  Tech¬ 
nologies,  Inc.,  585  Tollgate 
Road,  Suite  1,  Elgin,  IL  60123. 
Specify  location  desired,  JobID 
DB964  on  resume. 


Hetrosys,  LLC,  based  in  Detroit, 
Ml  seeks  Applications  Database 
Administrators  and  Sr.  Prog¬ 
rammer  Analysts  for  Detroit  and 
nationwide  opportunities.  App¬ 
lications  DBA  requires  bache¬ 
lor's  in  computer  science,  4  yrs 
exp.  as  DBA  and  working  knowl¬ 
edge  of  Kintana  and  Tick  Mark. 
Programmer  Analyst  positions 
require  3  yrs  exp.  customizing 
and  extending  Oracle  e- 
Business  suite  of  applications 
and  working  knowledge  of 
Oracle  Work  Flow  Development 
Tool.  Apply  via  U.S.  Mail  with 
resume  to  Hetrosys,  LLC,  3757 
S.  Baldwin  Road,  #223,  Lake 
Orion,  Ml  48359. 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis/Collierville,  TN:  Senior  Pro¬ 
grammer  Analyst.  Formulate/ 
define  functional  requirements 
and  documentation  based  on 
accepted  user  criteria.  Require¬ 
ments:  Bachelor's  degree*  or 
equivalent  in  computer  science, 
MIS,  engineering  or  related  field 
plus  5  years  of  experience  in 
systems/applications  develop¬ 
ment.  Experience  with  COBOL, 
IMS  and  DB2  also  required. 
'Master's  degree  in  appropriate 
field  will  offset  2  years  of  gener¬ 
al  experience.  Submit  resumes 
to  Jay  Boane,  FedEx  Corporate 
Services,  40  FedEx  Parkway, 
2nd  Floor  Horizontal,  Collierville. 
TN  38017.  EOE  M/F/D/V. 


Web  Developer  needed 
w/Bachelors  Degree  or 
Foreign  Equivalent  &  2  yrs 
exp  in  web  application 
using  MTS,  MSMQ,  COM/ 
DCOM/COM+.  C++,  SQL 
Server,  Crystal  Reports, 
DB2  Mainframe,  Visual 
StudioNET.  ASP.NET, 
ADO.NET,  C#  &  VB.NET. 
Domestic  travel  is  req’d. 
Mail  Resumes  to:  Open 
Systems  Technologies, 
Inc.  8  Winter  Street,  6th 
Floor,  Boston,  MA  02108. 


Clutchpoint  delivers  innovative 
IT  solutions,  has  openings  for 
experienced  Prog/Systems  An¬ 
alysts,  S/W  Engineers  with  any 
of  following  skills:  Oracle,  Sy¬ 
base,  SQL,  C/C++,  Visual  C++, 
OOD,  Java,  Web  Tech,  UNIX, 
NT,  VB,  ASP.  HTML,  SAP, 
Peoplesoft  ERP.  Send  resumes 
to  iobs@clutchpoint.com.  EOE 

Techgene  Solutions  has  open¬ 
ings  for  Software  Engineers  or 
other  IT  staff.  Candidates  must 
have  BS/MS  with  experience. 
Prefer  skills  in  Cobol,  JCL, 
Oracle,  SQL,  VB,  C/C++.  Travel 
may  be  required  for  some  posi¬ 
tions.  Competitive  salary.  Please 
apply  at  bapujik@yahoo.com. 
No  calls.  EOE. 


Technical  Software  Consulting, 
Inc.  seeks  software  engineers  or 
system/programmer  analysts  or 
DBA  to  develop  system  applica¬ 
tions  for  clients.  Minimum  re¬ 
quirement  is  BS/MS  with  IT 
experience.  Competitive  wage 
with  full  benefits,  sponsor  H-1  / 
green  card.  Send  resumes  to 
hr@tsc-inc.com.  EOE. 


Multiple  openings  for  IT  profes¬ 
sionals  by  Z3  Technologies  to 
design  and  customize  applica¬ 
tions.  Travel  may  be  required. 
Candidates  must  have  BS/MS 
with  exp.  Following  skills  prefer¬ 
red:  Oracle,  Sybase,  SQL, 
C/C++,  Visual  C++,  OOD,  Java, 
Web  Tech.  Please  contact 
info@z3technolooies.com.  EOE 


Software  Engineer  sought  by 
comp  services  Co  specializing  in 
Magic  Software  to  dvlp,  implmt, 
test,  document  &  support  cus¬ 
tomers.  As  Co.  is  supporting 
other  Magic  dvlprs,  Enhanced 
Magic  knowl  is  necessary.  Must 
have  Bach  &  5  yrs  exp  w/Magic 
prgmg  incl  version  9.4.  Must 
have  exp  w/HTML,  Java  Script, 
MS-SQL,  Oracle,  Web-services. 
Resume  to  Ronen  Canetti, 
Owner,  WizMagic,  LLC  4024 
Radford  Ave.,  Bldg  2,  Rm  201, 
Studio  City,  CA  91604. 


Software  Engineer  w/bach  or 
foreign  equivalent  in  Comp. 
Sci  or  Engg.  or  Math  +  1  yr 
exp  in  Java,  Servlets,  JSP, 
EJB,  XML,  JavaScript,  ASP, 
Visual  Basic,  SQL  Server 
database,  create  data  ware¬ 
house  and  client  server 
applic.  using  Oracle,  PL/SQL 
as  ETL  &  Business  Objects  as 
OLAP  Reporting  Tool.  Mail 
res:  eBusinesscorp  Inc.  209 
West  Central  Street,  Suite 
106,  Natick,  MA  01760. 


Software  Engineers 
Sybor  Technologies  Inc. 
seeks  qualified  Software 
Engineers.  Bachelors  de¬ 
gree  required  with  experi¬ 
ence  in  developing  and 
implementing  programs 
using  SYBASE  ECMAP 
and  SYBASE  Adaptive 
Server  Enterprise.  Reply 
by  mail  to:  3506  Highway 
6  South,  #249,  Sugar 
Land,  TX  77477. 


System  Analyst.  Perform  comp¬ 
uter  system  analysis  &  program¬ 
ming  to  meet  client's  business 
requirements;  design  &  implem¬ 
ent  computer  data  networks  in¬ 
cluding  install  &  configure  net¬ 
work  equipment;  work  on  Spect¬ 
rum  Element  Manager  Network 
Management  System;  use  BP- 
CS  6.2,  AS/400,  RPG/400,  RP- 
GLE  &  AS/SET,  OS/400,  Win  NT 
4.0,  VAX/VMS  5.2  &  variants  of 
UNIX.  Req:  Bachelor  or  equiva¬ 
lent  (accept  3-yr  college+PG 
diploma  as  equiv),  6-month  exp 
as  Programmer/Analyst  or  IT 
Consultant.  40hrs/wk,  8-5pm, 
$48k/yr.  Send  resume  to:  Emp¬ 
loyment  Security,  32  S.  Main  St., 
Concord,  NH  03301-4857,  Re: 
2004-469.  Employer  paid  ad. 


Jr.  Programmer  Analyst.  Dvlp. 
create,  &  modify  computer  app. 
s/w  incl.  Oracle  databases  & 
new  versions  of  the  Oracle 
RDBMS.  Design  security  for  all 
of  the  Oracle  Databases. 
Coordinate  database  dvlpmt, 
create  &  design  logical  &  physi¬ 
cal  models  for  the  OLTP  &  OLAP 
appl.  using  tools  incl.  Erwin, 
Oracle  Designer.  Assist  in 
designing  the  Datamarts  & 
Datawarehouses  using  Kimballs 
&  Inmons  methodologies.  Req: 
BS  in  Engineering  plus  2  yrs. 
exp.  Sal:  Open.  40hrs/wk. 
Job/Interview  Site:  Des  Moines, 
IA.  Send  resume  to  Chuck 
Gutta,  Emprise  Consulting  LLC 
@  200  E  Sandpointe  Ave,  Suite 
725,  Santa  Ana  ,  CA  92707 


Software  Engineer  needed 
w/MS  in  Comp.  Sci.  or  Engg. 
or  Math  &  1  yr.  exp  in  s/w 
applications  using  VB  on 
Windows.  Customizing  Test 
Director  using  C++,  Jasmine 
ii,  Uni-Center  TNG,  HL7  & 
DICOM,  WinRunner,  SMS  & 
mathematical  modeling  using 
MatLab,  Maple  &  S-Plus.  Exp 
prior  to  MS  degree  accept¬ 
able.  Mail  Resumes  to: 
EBusinesscorp  Inc,  209  West 
Central  Street,  Suite  106, 
Natick,  MA  01760. 


Netrion  Corp.  seeks  multiple 
Systems  Analysts  to  dsgn,  dvlp, 
customize,  implmt,  &  support 
Peoplesoft  applies  for  clients. 
Eval  client's  business  process 
needs,  dvlp  specs  &  setup 
Peoplesoft  HRMS  applic  mod¬ 
ules.  Conduct  data  conversion, 
testing,  dsgn,  documentation  & 
perform  related  duties.  Travel 
reqd.  Associates  deg  in  sci  or 
engg  related  study  is  reqd  w/2 
yrs  related  exp.  Send  resume  to 
Netrion  Corp.,  380  S  Schmale 
Rd.  Ste  202,  Carol  Stream,  IL 
60188. 


Software  Engineer 
(Applications)  utiliz¬ 
ing  CAD/CAM  in  San 
Jose  @  $8 1  k/yr. 

Travel  w/in  US  req. 
40%  of  the  time.  Mail 
to  Micronic  Laser 
Systems,  Inc,  1922 
Zanker  Rd.,  San 
Jose,  CA  95112  or 
fax  (408)  392-2261. 


Computer  Programmer 
Wanted 

To  code,  lest,  and  document 
computer  programs  using 
JAVA,  JSP,  Java  script,  Py¬ 
thon,  SQL,  FreeBSD.  Solaris, 
Windows  2000  server  on  MS 
SQL  Server  2000  and  MySQL 
databases.  Req.  BS  or  foreign 
equiv.  in  CS,  Engineering,  or  a 
related  field  and  proficiency  in 
Java,  JSP  MySQL,  FreeBSD, 
and  Solaris.  40hrs/wk.  Fax 
resume  to  HR,  Experclick,  Inc. 
at  805-456-0166.  Ref.  Code: 
CA-JL. 
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Events  and  Executive  Forums 


Network  World  Events  and  Executive 
Forums  produces  educational  events 
and  executive  forums  worldwide, 
including  our  one  day  Technology  Tours, 
customized  on-site  training,  and  executive  forums  such  as  DEMO®, 
DEMOmobile®,  and  VORTEX,  as  well  as  the  DEMOIetter  and  VORTEX 
Digest  newsletters.  For  complete  information  on  our  current  seminar 
offerings,  call  us  at  800-643-4668  or  go  to  www.nwfusion.com/events. 


Publicize  your  press  coverage  in 
Network  World  by  ordering  reprints  of 
your  editorial  mentions.  Reprints 
make  great  marketing  materials  and 
are  available  in  quantities  of  500  and 
up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399- 
1900  x129  or  E-mail:  mshober@reprintbuyer.com. 


Being  vigilant  helps  avoid  surprises, 
in  SANs  as  in  life. 

There  are  probably  things  happening  right  now  on  your  SAN  that  could  lead  to 
appalling  performance  or  a  complete  system  crash. 

You  don't  know  when  it  will  happen. 

You  don’t  know  how  it  will  happen. 

But  when  it  does  happen,  you’ll  wish  you  were  aware  things  were  building  up  to  give 
you  a  nasty  surprise,  an  expensive  surprise. 

Research  shows  that  SAN  downtime  can  cost  organizations  $100,000  per  minute, 
or  more.*  Finisar’s  NetWisdom  and  Xgig  solutions  help  you  avoid  these  costs  by 
monitoring  your  SAN  to  stop  degradation,  CRC  errors  and  events  that  impact  your 
most  critical  applications,  business  data  and  transactions. 

View  our  web  seminar,  including  a  customer  case  study  and  demo  of  NetWisdom 
by  visiting  www.finisar.com/plan 

Avoid  nasty  surprises.  Monitor  your  SAN  and  hang  on  to  your  budget. 


F  inis  a  r 


Finisar  has  been  speeding  up  networks  and 
delivering  best-of-breed  products  and  testing 
solutions  since  1988.  NASDAQ:  FNSR. 


Source:  Fabric  Computing:  Beyond  the  N-tier  Data  Center,  RBC  Capital  Reports  Oct  2003 
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Spyware 

continued  from  page  1 

information  or  sends  viruses. 

«  The  nonprofit  Internet  Educa¬ 
tion  Foundation  and  Dell  last 
week  launched  a  campaign  to 
help  consumers  fend  off  spyware. 
The  foundation  published  on  its 
Web  site,  www.getnetwise.org, 
video  tutorials  and  tips  for  Inter¬ 
net  users  to  keep  spyware  off 
computers  and  detect  any  spy- 
ware  already  installed.  It  directs 
visitors  to  dozens  of  free  and 
commercial  tools  to  easily  re¬ 
move  spyware.  The  foundation’s 
members  include  America  On¬ 
line,  Microsoft  and  AT&T. 

Vendors  are  increasingly  focus¬ 
ing  on  products  to  combat  spy- 
ware,  as  was  evident  this  week 
with  announcements  from  Blue 
Coat  Systems  and  Computer 
Associates,  (see  story  below). 

The  FTC  filed  its  complaint 
against  Seismic  Entertainment 
Productions  and  SmartBot.Net.as 
well  as  the  owner  of  both  compa¬ 
nies, Sanford  Wallace,  who  earned 
the  nickname  “Spamford”  in  the 
1990s  for  his  junk  e-mail  opera¬ 
tions  through  another  company 
Cyber  Promotions.  In  the  com¬ 
plaint  the  FTC  asserts  that  Web 
sites  operated  by  Wallace  were 
loading  spyware  onto  visitors’ 
computers  without  their  consent 


by  exploiting  holes  in  Microsoft’s 
Internet  Explorer. 

The  spyware  changed  the  user’s 
home  page,  triggered  pop-up  ads 
and  crashed  computers,  accord¬ 
ing  to  the  FTC.  After  creating  the 
problems,  the  spyware  caused  a 
CD-ROM  tray  on  the  computers  to 
open,  and  then  sent  a  warning 
that  said, “You  desperately  need  to 
rid  your  system  of  spyware  pop- 
ups  IMMEDIATELY!”  The  message 
included  a  recommendation  to 
download  purported  anti-spy- 
ware  products,  called  SpyWiper 
and  SpyDeleter,  promoted  by  the 
Web  sites  for  about  $30.  (See  Col¬ 
umnist  Mark  Gibbs’  take  on  the 
government’s  action,  page  70.) 

The  case  was  expected  to  begin 
earlier  this  month  in  a  New  Ham¬ 
pshire  U.S.  district  court.The  most 
immediate  action  might  entail  a 
judge  issuing  an  order  that  could 
temporarily  shut  down  Wallace’s 
companies,  observers  say 

In  addition  to  asking  a  federal 
court  in  New  Hampshire  to  issue 
an  order  to  prevent  Wallace  and 
his  companies  from  disseminat¬ 
ing  spyware,  the  FTC  wants  to  pur¬ 
sue  unspecified  monetary  dam¬ 
ages.  (Seismic  Entertainment  is 
said  to  have  its  principal  place  of 
business  in  Rochester,  N.H.) 

“Consumers  don’t  deserve  to  be 
pestered  and  spied  on  by  people 
who  illegally  hijack  their  comput¬ 


iind  pur  owi  business 

Steps  are  being  taken  at  the  federal  and  state 

government  levels  to  address  spyware. 

•  The  U.S.  House  of  Representatives  this  month  passedThe 
Internet  Spyware  Prevention  Act,  which  makes  anyone  caught 
installing  spyware  to  change  a  computer’s  security  settings  or 
steal  personal  information  liable  for  up  to  two  years  in  prison. 

•  The  House  also  passedThe  Spy  Act,  which  requires  software 
that  collects  users’  personal  information  to  notify  users  of  its 
installation,  obtain  their  consent  before  installation  and  provide 
an  easy  uninstall  option.  Violators  could  be  fined  up  to  $3  million. 

•  The  Senate  earlier  this  year  passed  the  Spy  Block  Act  with 
similar  provisions  to  those  in  the  House  bills. 

•  The  FederalTrade  Commission  last  week  asked  a  U.S.  district 
court  in  New  Hampshire  to  shut  down  Seismic  Entertainment 
Productions  and  SmartBot.Net  for  unfair  and  deceptive  trade 
practices  related  to  spyware. 

•  A  California  law  that  takes  effect  Jan.  1,  calledThe  Consumer 
Protection  Against  Spyware  Act,  bans  software  that  secretly 
steals  personal  information  or  sends  viruses. 


ers,”  says  Lydia  Parnes,  acting 
director  of  the  FTC’s  Bureau  of 
Consumer  Protection.  “This  is  our 
first  spyware  case,  but  it  won’t  be 
our  last.” 

The  FTC’s  case  was  spurred  in 
part  by  a  complaint  filed  against 
Seismic  Entertainment  and 
another  company  MailWiper,  by 
the  Center  for  Democracy  and 
Technology  (CDT),  a  Washington 
advocacy  group. 

The  spyware  problem  has  risen 


Blue  Goat,  CA  on  the  spyware  patrol 


With  spyware  looming  larger  as  a  security 
threat,  vendors  are  rolling  out  products 
aimed  at  combating  the  menace. 

This  week  Blue  Coat  Systems  will  upgrade  its 
Web  proxy  appliance  with  tools  that  can  block 
spyware  from  entering  an  organization  and  halt 
previously  infected  PCs  from  communicating 
with  spyware  sources. 

With  this  upgrade  (free  for  existing  customers), 
Blue  Coat's  ProxySG  appliance  will  be  able  to  fil¬ 
ter  code  being  downloaded  from  the  Web  and 
block  installation  of  spyware  such  as  "drive-by” 
installers  orTrojans,  says  Chris  King,  the  com¬ 
pany's  marketing  director. 

Spyware-based  communication  from  infected 
PCs  attempting  to  send  collected  information 
across  the  Internet  also  would  be  stopped,  he 
says. 

Glenn  Wright,  senior  telecommunications  tech¬ 
nologist  for  the  state  of  Delaware's  department 
of  technology  and  information,  which  manages  a 
network  of  nearly  150,000  users,  says  in  addition 
to  crashing  PCs,  spyware  is  a  problem  in  terms 
of  "bandwidth  utilization."  The  state  is  planning  to 
upgrade  its  Blue  Coat  appliance  with  spyware 
blockers. 

Spyware  is  coming  to  play  a  role  in  the  Network 
Admission  Control  (NAC)  program  started  by 


Cisco  last  year,  which  until  now  has  been 
focused  on  virus  and  worm  problems  and  how  to 
isolate  infected  or  vulnerable  desktop  computers 
until  a  remediation  process  takes  place. 

Computer  Associates  (CA),  which  recently  pur¬ 
chased  anti-spyware  software  vendor  Pest- 
Patrol,  announced  it  has  joined  the  multi-vendor 
NAC  initiative  to  make  sure  spyware  detection 
and  eradication  is  included  as  part  of  the  net¬ 
work  quarantine  capability. 

“What’s  important  is  not  allowing  the  PC  onto 
the  network  unless  it’s  behaving  properly,  and 
that  includes  spyware  as  well  as  viruses," -says 
Sam  Curry,  vice  president  of  eTrust  security 
management  at  CA.  CA  plans  to  integrate  a  core 
software  component,  the  CiscoTrust  Agent,  into 
PestPatrol  Anti-Spyware  and  eTrust  AntiVirus 
by  next  month  so  both  will  work  as  NAC-compli- 
ant  software  in  the  Cisco  network-quarantine 
process. 

Curry  says  CA  also  is  working  with  Microsoft 
in  a  parallel  effort  called  Network  Access 
Protection  (NAP) .  Anti-spyware  controls  will 
play  a  part  in  what  CA  accomplishes  in  NAP  iso¬ 
lation  technology,  which  was  started  after 
Cisco’s  NAC. 

—  BY  CARA  GARRETSON  AND  ELLEN  MESSMER 


to  “epidemic  proportions”  in  the 
last  six  months, says  Mike  Steffen, 
a  policy  analyst  at  CDT. 

CDT,  which  issued  a  spyware  re¬ 
port  last  November,  asked  Internet 
users  to  notify  it  about  specific 
problems  they  experienced.  The 
feedback  about  Seismic  Enter¬ 
tainment  and  MailWiper’s  soft¬ 
ware  SpyWiper  led  CDT  to  file  its 
complaint  with  the  FTC.  Steffen 
says  it  appears  that  Web  banner 
ads  at  gaming  and  sports  sites  that 
might  have  appeared  as  innocu¬ 
ous  public-service  messages 
about  heart  disease  were  able  to 
hijack  the  browser’s  home-page 
setting,  changing  the  Web  site  to 
one  owned  by  Seismic  Entertain¬ 
ment.  This  is  sometimes  called  a 
“drive-by  download.” 

Steffen  says  the  CDT  was  glad  to 
see  the  FTC  follow  up  on  the 
complaint. 

Wallace  last  week  said  the  FTC’s 


case  against  him  is  unwarranted 
and  he  intends  to  fight  it.“We  feel 
our  actions  are  fully  legal,”  he 
said,  while  adding  that  he’s  open 
to  changing  some  practices. 

“There’s  some  political  motiva¬ 
tion  here,”  Wallace  added.  “They 
went  after  someone  with  a 
controversial,  high-profile  back¬ 
ground,  and  they  want  to  paint 
me  as  the  poster  boy  in  all  this.” 

He  says  Seismic  is  bankrupt. 

Companies  that  make  a  living 
off  Web  ads  —  and  that  are  eager 
to  distance  themselves  from  any 
connection  to  spyware  — 
applauded  the  FTC’s  enforce¬ 
ment  actions. 

“We’re  happy  to  see  the  space 
cleaned  up,” says  Pete  Celano.vice 
president  of  marketing  at  Weather 
Bug.com,  which  markets  desktop 
software  for  weather  information 
to  consumers  and  businesses. 

The  Gaithersburg, Md,. company 
claims  its  Web  site  has  no  spy- 
ware  in  it  and  cites  an  audit  from 
an  outside  firm,  Aluria  Software, 
as  verification. 

IT  professionals  who  have 
added  anti-spyware  software  to 
their  users’  desktops  are  also 
skeptical  that  government  action 
to  either  ban  spyware  or  chase 
after  those  that  create  it  will  not 
do  much  good. 

“It’s  a  lofty  goal,”  says  Chris 
Hoff,  chief  information  security 
officer  at  Western  Corporate 
Federal  Credit  Union,  which  pro¬ 
vides  check  imaging  and  back- 
office  management  services  for 
about  1,000  credit  unions. 
“Wiping  out  spyware  is  nice  in 
theory  but  as  it  has  with  spam¬ 
mers,  new  laws  will  probably  be 
largely  ineffectual.”  ■ 
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continued  from  page  10 

up  data  to  disk  and  then  to  tape.  With  the  SATA  drives,  much  of  the 
information  that  was  backed  up  to  tape  will  migrate  to  SATA. 

Analysts  have  said  that  you  have  some  holes  to  fill  to  offer  an  end-to-end  ILM 
strategy.  What  would  you  say  those  holes  are  and  how  are  you  going  to  fill 
them? 

Before  acquiring  Storability  storage  resource  management  was  obvi¬ 
ously  a  hole.  We  are  also  in  the  process  of  coming  out  with  a  fixed 
content  system  [for  archival  data]. 

Is  StorageTek's  plan  to  gain  technology  through  acquisition  or  build  your  own? 

We  do  both. We  have  expanded  our  investments  in  R&D  in  the  ILM 
area  by  a  factor  of  three  in  the  last  couple  of  years.  On  the  other 
hand,  no  one  company  has  a  handle  on  all  the  intellectual  property 
in  the  world, so  we  are  constantly  looking  for  opportunities.  If  that 
opportunity  lets  us  get  to  market  sooner  with  a  strong  product,  we’ll 
acquire.  We  typically  like  to  make  [technology]  because  we  can  inte¬ 
grate  it  into  our  products  more  efficiently  but  we  are  not  shy  about 
purchasing  technology  ■ 
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Padian  routinely  uses  the 
phone  to  set  up  breakfast,  lunch 
and  dinner  plans  with  friends  or 
to  schedule  meetings  in  the 
library  Her  personal  directory 
has  about  70  names. 

It  adds  up  to  a  lot  of  calling.  On 
a  typical  week,  students  rack  up 
about  325,000  cell  minutes,  and 
another  75,000  to  100,000  walkie- 
talkie  minutes. 

Morrisville  set  itself  apart  a  year 
ago  by  unplugging  wired  phones 
in  its  dorms  and  issuing  cell 
phones  to  all  residential  stu- 
dents.To  do  so,  it  struck  a  cre¬ 
ative  deal  with  Nextel  Partners, 
the  Kirkland, Wash., cellular 
provider  that  serves  small  and 
midsize  markets  over  the  Nextel 
Communications  network. 

The  all-cellular  plan  grew  out 
of  the  college’s  embrace  of 
mobile  computing  and  commu¬ 
nications  technology  says  Jean 
Boland,  vice  president  for  IT  ser- 
vices.The  school  introduced  IBM 
ThinkPad  notebooks  in  1998,  and 


Got  great  ideas 


■  Got  a  suggestion  for  a 
Wider  Net  story?  An  offbeat 
network  industry-related 
topic?  A  fascinating  personali¬ 
ty  we  should  profile?  Contact 
Bob  Brown  with  your  ideas  at 
bbrown@nww.com. 


a  year  later,  a  campus-wide  2M 
bit/sec  wireless  data  network 
based  on  802.11  frequency-hop¬ 
ping,  spread-spectrum  gear  from 
Raylink,a  Raytheon  spinoff. 

One  result,  Boland  says,  was 
that  students  became  nomadic, 
creating  via  wireless  computing 
an  array  of  formal  and  informal 
teams  anywhere,  for  work  and 
play 

“The  next  component  was 
mobile  communications:  being 
able  to  stay  in  touch  with 
whomever  you  wanted,  when¬ 
ever  you  wanted,”  she  says.’The 
landlines  just  weren’t  cutting  it.” 

Making  a  special  deal 

Boland  first  talked  with  two  cel¬ 
lular  carriers  that  offered  service 
in  the  Morrisville  area,  but  neither 
was  interested.  Nextel  was. 

Tire  carrier  put  together  a  com¬ 
plete,  redundant  infrastructure  — 
a  cell  tower  with  multiple  anten¬ 
nas  and  repeaters  —  to  blanket 
the  campus,  and  changed  a  vari¬ 
ety  of  business  practices  to 
accommodate  students.  One 
change  was  its  credit  require¬ 
ments,  because  most  students 
don’t  have  any  credit. 

“After  some  trial  and  error,  we 
came  up  with  a  plan  for  a  $50 
deposit  [by  the  student]  ,”says 
Kevin  McKenzie,  general  man¬ 
ager  for  Nextel  Partners’  Syracuse 
market. 

Another  change  was  a  flexible 
contract  period  because  stu¬ 
dents  wouldn’t  be  around  for  a 
full  12  months. 

The  college,  by  contrast,  made 


A  Morrisville  State  College  student  collects  a  Nextel  cell  phone  as  part  of 
this  fall's  registration  process.  The  central  New  York  college  was  the  first 
in  the  nation  to  go  with  all-cellular  phone  services  for  dorm  students. 


use  of  a  number  of  existing  prac¬ 
tices  and  procedures,  which 
smoothed  the  introduction.  As 
with  landline  fees,  the  cell  phone 
fees  for  students  are  included  in 
the  residence  hall  charges.The 
new  i205  has  a  vibration  feature, 
so  ring  tones  don’t  have  to  inter¬ 
rupt  classes  or  disturb  concerts 
and  library  sessions.  Caller  ID  is 
part  of  the  base  service. 

If  students  want  long-distance, 
they  can  select  from  various 
Nextel  plans,  starting  at  $30  per 
month.  Nextel  has  shaved  a  bit 
off  these  charges  for  students, 
according  to  the  college. 

The  cell  phone  program, 
including  an  on-campus  store 


WLAN 

continued  from  page  8 

WLAN  switch  company  Airespace  OEM  deals  with 
NEC,  Alcatel  and  Nortel.  Rival  Trapeze  recently 
signed  a  joint  development  deal  with  3Com  through 
which  the  companies  will  collaborate  on  future 
3Com  products. 

“I  don’t  know  on  what  basis  they  draw  that  con¬ 
clusion  [that  the  market  is  going  to  be  owned  by 
incumbents],” says  Brett  Galloway Airespace’s  presi¬ 
dent  and  CEO. “There  is  very  clearly  demand  for  an 
overlay  WLAN  infrastructure.  And  we’re  meeting  that 
demand.” 

But  could  Cisco  dry  up  that  demand,  with  its  push 
to  incorporate  WLAN  functions  into  its  Catalyst 
switch  line? 

“There  are  successful  companies  that  have  com¬ 
peted  with  Cisco, such  as  firewall  or  bandwidth  man¬ 
agement  companies,”  says  Galloway  who  previously 
headed  Packeteer  in  the  bandwidth  management 

market. 

Storm  Ventures  incubated  Airespace,  and  investors 
there  say  they’re  confident  about  the  future.  Com¬ 
panies  like  Cisco  have  been  saying  for  two  years  that 
YvTAN  functions  will  be  a  part  of  the  wired  switch 
architecture, says Tae  Hea  Nahm,a  founding  partner 
for  the  venture  fund.  “But  wireless  is  a  very  tough 


medium.You  can  have  the  best  packet  processing  on 
your  switch,  but  if  the  user  can’t  get  on  your  [wire¬ 
less]  network,  who  cares?” 

Nahm  shrugs  off  the  demise  of  Legra  and  AirFlow. 
“It’s  a  Darwinian  process  and  not  many  of  [the  start¬ 
ups]  are  going  to  survive,”  he  says. 

Trapeze  President  and  CEO  Jim  Vogt  says  the 
WLAN  market  is  so  big  it’s  “too  early  to  say  that  the 
big  incumbents  will  prevail.  It’s  big  enough  to  sustain 
new  players,  in  a  potential  IPO.” 

The  3Com  deal  exemplifies  how  Trapeze  plans  to 
be  one  of  those  players.  Vogt  says  the  deal  will  go 
far  beyond  a  traditional  OEM  agreement,  which 
has  one  vendor’s  product  simply  relabeled  with 
another  name.“We’re  doing  a  tighter  integration  of 
our  technology  on  their  platforms,”  he  says.  The 
next  phase  in  the  partnership  will  be  licensing 
Trapeze  software  across  an  ever-wider  array  of 
3Com  switches. 

But  it’s  still  an  approach  that  in  effect  buries  the 
WLAN  inside  wired  switch  gear. 

“Our  latest  figures  show  healthy  growth  [for  the 
WLAN  switch  vendors],”  Synergy’s  Vance  says. 
“They’re  carving  out  their  own  space.” 

But  in  the  long  run, he’s  less  optimistic.“A  more  inte¬ 
grated  approach  will  probably  win  out,”  he  says.’The 
technologies  of  these  start-ups  will  be  an  extension 
of  the  larger  network  infrastructure.”* 


and  some  maintenance  work,  is 
managed  by  the  Morrisville 
Auxiliary  a  nonprofit  group  typi¬ 
cal  in  New  York  and  California 
higher-education  systems  for 
managing  services  such  as  food 
service  and  trash  pickup.  The 
group  had  to  come  up  with  a 
new  system  for  handling  the 
cell  phones,  but  modeled  parts 
of  it  after  the  system  used  to  dis¬ 
tribute  and  support  notebook 
computers. 

Some  colleges  have  treated 
telco  service  as  a  revenue 
source,  using  student  and  depart¬ 
ment  fees  as  a  way  to  fund  parts 
of  the  campus  network.  But  oth¬ 
ers,  including  Morrisville,  calcu¬ 
late  a  service  fee  and  bundle  it 
with  other  fees  for  services  into 
the  overall  charge  for  on-campus 
residence. 

When  the  service  was  unveiled 
a  year  ago,  Meghan  Padian’s  first 
reaction  was  “Why  do  I  need 
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this?”  She  already  had  a  cell 
phone,  a  gift  from  her  parents. 
Then  she  realized  the  new 
phone  would  put  her  in  instant 
connection  with  nearly  every  stu¬ 
dent  on  campus,  and  via  the 
walkie-talkie  connection,  with 
her  mom,  also  a  Nextel  user. 

Boland  says  student  dropouts 
last  year  after  the  fall  semester 
dropped  by  2%.  She  can’t  be  cer¬ 
tain  it’s  related  to  the  immediacy 
of  relationships  engendered  by 
the  cell  phone,  but  she  thinks  it 
might  be. 

Another  benefit  of  the  new 
program  is  that  the  college  now 
can  reach  every  one  of  its  resi¬ 
dential  students.The  registration 
process  at  the  start  of  the  school 
year  picks  up  the  student’s  name 
from  the  magnetic  strip  on  his 
ID  card. 

“We  can  reach  almost  every 
student,”  Boland  says.“Most  cam¬ 
puses  can’t  do  that.” 

So  far,  there  are  no  plans  to 
unplug  the  campus  PBX  or  the 
faculty  office  phones.  But  that  is 
one  option  to  be  considered  in 
the  future.  Boland  also  is  watch¬ 
ing  the  development  of  3G  cel¬ 
lular  data  services,  with  through¬ 
put  up  to  2M  bit/sec  in  some 
applications.“At  some  point, 
we’ll  have  to  figure  out  what  we 
do  with  wireless  data  access,” 
she  says. 

At  least  for  now,  the  college 
plans  to  keep  running  its  data 
and  voice  networks  separately 

In  the  meantime,  the  shock 
troops  of  the  digital  generation, 
students  like  Padian  continue  to 
be  plugged  in  to  cellular  reality 
for  about  half  of  their  waking 
hours.“I  think  of  it  as, ‘It  just 
comes  so  natural,’  ’’she  says.* 
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BUSINESS  WIRELESS 


■  ACCESS  POINTS 


WG302 

802.  /  Ig  Wireless  Access  Point 


lproSafe 


TM 


Part  of  NETGEAR's  standards-based  family 
of  ProSafe  products,  the  WG302  delivers 
the  interoperability,  investment  protection, 
and  scalability  that  wirelessly  connects  all 
business. . .  all  of  the  time. 


-  ANTENNAS  &  ACCESSORIES 

-  ADAPTERS 
SWITCHES 
SECURITY 


All  Business. .  .All  of  the  Time 

NETGEAR®'s  ProSafe™  802.1 1  g  Wireless  Access  Point  WG302 
sets  the  new  standard  for  security  and  scalability 

NETGEAR's  ProSafe  802.1 1  g  Wireless  Access  Point  WG302  delivers  the  secure,  reliable,  high  performance  wireless  local 
area  networks  (WLANs)  today's  mobile  workforce  demands.  With  its  robust  security  measures,  simplified  management 
and  configuration,  extended  range,  integrated  IEEE  802.3af  Power  over  Ethernet  (PoE),  and  Wi-Fi  certification,  the 
WG302  brings  standards-based  enterprise-level  functionality  at  a  mid-market  price.  Fully  compatible  with  IEEE 
802.1 1  g  and  WPA  /  802.1 1  i  -  ready  functionality,  it  can  also  be  set  for  dynamic  1 08  Mbps  802.1 1  g.  And,  with  Propagate 
Networks'  AutoCell™  RF  management  technology,  the  WG302  offers  dynamic Tx  power  control  and  automatic  channel 
selection  to  automatically  tune  and  balance  signals  across  the  network,  thus  minimizing  channel  interference  and 
maximizing  performance.  An  optional  Enhanced  RF  Privacy  mode  offers  another  level  of  perimeter  security.  To  learn 
more  about  NETGEAR's  ProSafe  WG302  with  AutoCell  technology,  visit  www.netgear.com/go/euwg302 


utoCell 

ENABLED 


AutoCell-enabled  WLAN  networks  deliver  maximum 
performance  up  to  four  times  greater  than  Wi-Fi 
networks  without  AutoCell,  according  to  performance 
tests  conducted  byTheTolly  Group®,  Inc.,  in  August  2004. 
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of  NETGEAR,  Inc.  All  rights  reserved.  Other  brands  and  products  are  trademarks  of  their  respective 
holders.  Specifications  subject  to  change  without  notice. 
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Various  types  of  blindness 

F 


rom  the  apologies  department: 
A  couple  of  weeks  ago  1  wrote 
that  several  companies  seemed 
committed  to  spamming  me  even 
though  I  had  unsubscribed  several 
times  to  each  of  the  various  lists 
they  had  added  me  to. 

I  accused  Dotster  of  such  behav¬ 
ior.  Turns  out  I  had  in  fact  once  registered  a  do¬ 
main  through  them,  and  though  I  don’t  remember 
checking  a  box  that  said  “Send  me  regular  sales 
pitches,  oh  please,  oh  please,  oh  please,”  I  must  have 
done  so. 

The  result  was  that  their  messages  were  sent  to 
the  address  I  registered  with,  which  happened  to 
be  an  alias  for  my  normal  e-mail  address.  So  when  I 
sent  my  unsubscribe  request  it  came  from  the  real 
account  and  the  request  failed.  Not  that  I  knew  the 
request  had  failed,  mind  you;  there  was  no  reply. 

Of  course,  I  am  the  only  person  in  the  world  who 
uses  aliases.  And  as  I  am  also  the  only  person  in 
the  world  to  make  this  mistake,  adding  code  to 
reply  to  unsuccessful  unsubscribes  with  “Sorry  but 
we  have  no  record  of  that  address  being  sub¬ 
scribed,”  would  be  a  waste  of  their  time.  Even  so, 
mea  culpa. 

Beating-over-the-head  department:  On  the  other 
hand,  another  company  I  mentioned  as  being  com¬ 


mitted  to  blindly  sending  me  spam,  Diversity 
Business.com,  still  hasn’t  stopped. Three  more  mes¬ 
sages  this  week.  Strange,  strange  people. 

Anti-deceptive  practices  department:  Well,  well, 
well. The  Federal  Trade  Commission  is  doing  some¬ 
thing  about  spyware  even  though  The  Spy  Act  I  dis¬ 
cussed  in  BackSpin  last  week  hasn’t  been  approved 
by  the  Senate  and  thus  is  not  yet  a  law.  Nope,  using 
existing  laws  (which  confirms  one  of  my  points  last 
week),  the  FTC  has  gone  into  attack  mode  against 
arch-spammer  Sanford  Wallace  over  his  companies’ 
use  of  spyware  and  deceptive  marketing  practices. 

One  of  the  things  that  Wallace’s  minions  did  was 
add  a  script  to  Web  pages  so  that  when  you  viewed 
the  page  in  your  browser  the  script  ejected  the  CD 
tray  Now  if  you  weren’t  expecting  such  a  thing  to 
happen  you’d  be  a  bit  surprised.  And  when  your 
Web  browser  then  displayed  a  message  to  the 
effect  that  your  system  was  compromised  and  you 
needed  to  do  something  such  as  buy  software  to 
fix  the  problem,  if  you  were  a  naive  consumer  that 
is  exactly  what  you  would  do. 

Wallace’s  companies  not  only  did  that,  but  they 
also  installed  spyware  using  deceptive  links  and 
dialogs  and  flooded  susceptible  PCs  with  pop-ups 
to  get  users  to  buy  their  SpyDeleter  and  SpyWiper 
utilities  and  collect  information  from  users. 

The  FTC’s  civil  lawsuit  claims  that  Wallace  and  his 


companies  violated  federal  laws  that  prohibit 
“unfair  or  deceptive  acts  or  practices  in  or  affecting 
commerce.” 

Wow.  So  consider  this:  Microsoft’s  ads  that  erro¬ 
neously  compare  the  total  ownership  cost  of  Linux 
with  that  of  Windows  and  find  Windows  the  winner 
are  not  considered  unfair  or  deceptive,  while 
Wallace’s  companies’  exploits  are?  The  U.S.  govern¬ 
ment  is  alone  in  this  view  of  Microsoft’s  ads  —  the 
European  Union  (in  agreement  with  everyone  with 
half  a  brain  who  ever  thought  about  the  ads  for  10 
seconds)  thought  otherwise  and  recently  ordered 
Microsoft  to  cut  it  out. 

It  appears  that  because  an  exploit  carried  out  by 
a  really  big,  wealthy  company  is  more  sophisticated 
than  another  carried  out  by  a  small  company  the 
former  should  be  ignored  while  the  latter  gets  the 
full  majesty  of  the  government  focused  on  it. 

I  am  not  in  any  way  defending  Wallace  and  com¬ 
pany  or  suggesting  that  their  evil  ways  shouldn’t  be 
curtailed,  I’m  merely  pointing  out  that  the  law  is 
supposed  to  be  blind  and  applied  equally 
Apparently  the  FTC  suffers  from  selective  blindness. 

Footnote  department:  In  a  blind  panic  over  who 
to  vote  for?  My  friends  at  Infommersion  have  just 
put  up  http://undecidedvote.org/  to  help  you. 

Departmental  memos  to  backspin@gibbs.com. 
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By  Paul  McNamara 

That  Sun-HP  dogfight 

One  of  the  first  things  a  cub  reporter 
learns  in  journalism  school  is  the  differ¬ 
ence  between  "dog  bites  man”  and  “man  bites  dog”  —  the  latter  being  news, 
albeit  of  the  oddball  variety,  and  the  former  being  merely  painful. 

Technology  vendors  barking  at  each  other  is  rarely  news.  However,  one  vendor 
unleashing  its  lawyers  in  an  attempt  to  stop  a  competitor  from  barking?  . .  .That 
has  a  bit  more  bite. 

Welcome  to  Sun  vs.  HP,  a  dogfight  that  features  Sun  President  Jonathan 
Schwartz  and  his  Weblog  on  one  side,  with  an  aggrieved  HP  and  its  in-house 
attorneys  on  the  other. 

I'll  try  to  nutshell  it  for  you:  Schwartz  in  his  blog  and  Sun  in  its  advertising  have 
contended  that  HP’s  Unix  operating  system,  HP-UX,  might  as  well  be  taken  out 
behind  the  barn  and  buried  because  it  has  reached  the  end  of  the  line.  Schwartz 
speaks  of  this  death  in  the  past  tense,  not  merely  as  an  impending  event. 

HP  begs  to  differ.  In  a  letter  to  Sun  from  its  in-house  counsel  and  in  comments 
to  the  press,  HP  has  called  Sun’s  aspersions  against  HP-UX  “unfounded,”  "mis¬ 
statements  of  fact”  and  "misinformation” . . .  pretty  much  everything  but  un- 
American. The  legal  missive  gave  Sun  two  weeks  to  realize  the  error  of  its  ways 
and  make  amends. 

Schwartz  laughed  off  the  letter  while  on  stage  at  the  Vortex  2004  conference 
earlier  this  month.  And  last  week  Sun  told  HP,  in  effect,  “Go  pound  sand.  We're 
not  taking  back  a  word  of  it." 

An  HP  spokeswoman  declined  an  invitation  to  tell  me  the  company's  next  move, 
but  did  say,  "HP  still  expects  Sun  to  correct  misinformation  and  stop  doing  a  dis¬ 
service  to  customers.” 

The  lightning  rod  here  has  been  Schwartz's  blog  —  www.nwfusion.com, 
DocFinder  4241.  It  is  an  unusual  medium  for  such  a  high-level  executive,  but  an 


effective  one  given  the  author's  way  with  words  and  his  willingness  to  tackle  con¬ 
troversial  topics.  (A  Sun  spokesman  told  me  last  week  that  Schwartz's  blog 
entries  are  not  lawyered  before  posting.) 

"I  think  HP  faces  an  enormous  challenge,”  Schwartz  wrote  in  an  Aug.  16  entry. 
“And  it’s  not  related  to  the  cancellation  of  PA-RISC,  or  weakness  in  their  Itanium 
transition.  Or  even  Dell’s  printer  onslaught.” 

"To  me,  HP’s  problems  spawn  from  the  death  of  their  operating  system,  HP- 
UX.  Like  IBM,  they’ve  elected  to  ask  their  customers  and  [independent  software 

vendors]  to  move  to  Red  Hat  Linux  or  Microsoft  Windows  on  x86  systems _ If 

you're  a  customer,  where  does  that  leave  you  with  your  HP-UX  investments? 
Facing  untimely  change  —  with  a  vendor  no  longer  in  charge  of  their  OS.” 

Again,  HP  insists  this  is  so  much  hot  air.  Yet  Sun  last  week  answered  HP’s 
lawyers  with  a  point-by-point  defense  of  its  contentions. 

Who’s  got  the  better  case?  HP  seems  sincere  in  promising  continued  fidelity  to 
HP-UX.  However,  Sun  mounts  a  plausible  case  that  HP’s  actions  belie  its  words. 

Who’s  right  isn’t  the  point:  What’s  notable  is  that  this  type  of  vendor  vs.  vendor 
dust-up  is  as  common  as,  well,  dust.  Given  that  fact,  what  is  it  about  Sun’s  offen¬ 
sive  that  would  motivate  HP  to  sic  the  lawyers  on  them? 

"At  the  end  of  the  day,  Sun  should  be  held  accountable  for  its  marketing 
claims,"  the  HP  spokesperson  told  me. 

HP  would  be  better  served  to  heed  the  famous  words  of  Supreme  Court  Justice 
Louis  Brandeis,  who,  though  he  pondered  free  speech  long  before  the  Internet, 
nevertheless  got  it  right:  "If  there  be  time  to  expose  through  discussion  the  false¬ 
hood  and  fallacies,  to  avert  the  evil  by  the  process  of  education,  the  remedy  to  be 
applied  is  more  speech,  not  enforced  silence.” 

Brandeis  was  referring  to  government  enforcement,  of  course,  but  the  principle 
ought  to  apply  to  bare-knuckled  business  brawls  as  well. 

HP  isn’t  going  to  win  this  fight  with  lawyers  —  and  shouldn’t  even  try. 

Direct  amicus  briefs  to  buzz@nww.com. 
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I  NetVanta  1224STR 


NetVanta  1224STR 
The  functionality  of  five 
devices  for  the  price  of  one 


Lower  the  cost  of  enterprise  connectivity  with  the  powerful  new 
NetVanta  1224STR.  This  full-function  WAN/ LAN  access  platform 
does  the  work  of five  devices  for  the  price  of  one.  Suitable  for  networks 
of  any  size,  the  NetVanta  1224STR  offers  everything  you  need  to  bring 
a  branch  office  or  remote  location  online,  including  managed  Layer  2 
Ethernet  switching,  full-featured  IP  routing ;  firewall  protection,  VPN, 
andWAN  termination — all  in  a  compact  1U  chassis.  It  is  QoS,  VLAN, 
and  Gigabit  Ethernet  capable,  and  offers  affordable  dial  backup  and 
voice  options.  ADTRAN’s  new  NetVanta  1000  Series  is  backed  by  a 
100%  satisfaction  guarantee,  including  unlimited  technical  support, 
free  firmware  upgrades,  and  a  5-year  warranty. 


Register  to  win  a  free  NetVanta  1224STR  now 
www. adtran.com/info/winnetvanta  1224 


Available  at  a  price  point  well  below  competing 
multi-box  solutions,  the  NetVanta  1224STR 
will  change  the  way  you  connect  remote  locations. 


877.591.3055  Technical  Questions 
877.280.8416  Where  to  Buy 


The  NetVanta  Series 


NetVanta  3000  Series 
IP  Routers 


NetVanta  2000  Series 
Firewalls/VPN 


NetVanta  1000  Series 
Integrated  Switch-Router  Platforms 
Managed  Layer  2  Ethernet  Switches 


The  Network  Access  Company 


Copyright©2004  ADTRAN,  Inc.  All  rights  reserved.  ADTRAN  and  NetVanta  are  registered  trademarks  of  ADTRAN,  Inc. 
Five-year  warranty  applies  in  North  America  and  Europe.  EN70D092704NW 


Dare  to  Compare! 

NetVanta 

1224STR 

Managed,  24-Port 

Layer  2  Switch 

✓ 

IP  Access  Router 

✓ 

Stateful  Inspection  Firewall 

✓ 

DSU/CSU 

✓ 

Gigabit  Ethernet  Uplinks 

✓ 

QoS 

✓ 

VLAN  trunking 

✓ 

Stacking 

✓ 

Command  Line  Interface  (CLI) 

✓ 

Intuitive  Web  GUI 

✓ 

ADTRAN  OS 

✓ 

Optional  Virtual  Private 
Networking 

✓ 

Optional  Dial  Backup 

✓ 

Optional  PBX  Connectivity 

✓ 

Unlimited  Telephone 

Technical  Support 

✓ 

Free  Firmware  Updates 

✓ 

5- Year  Warranty 

✓ 

SINGLE  PLATFORM, 
MULTIPLE  CREDENTIALS 


ONE  SOLUTION  FOR 
WINDOWS  LOG-ON,  VPN, 
AND  WI-FI  ACCESS 
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NEXT-GENERATION  TOKEN 
<*>-- 


OPEN  STANDARDS, 
PROVEN  INFRASTRUCTURE 


{*)  UP  TO  40%  LOWER  TCO 


Introducing  VeriSign'  Unified  Authentication:  an  open,  extensible  platform  plus 
next-generation  devices,  all  designed  to  integrate  with  your  existing  infrastructure. 
Deploy  multipurpose  credentials  that  support  Windows  log-on,  VPN,  Wi-Fi  roaming, 
and  application  security.  Scale  your  network  security  to  meet  the  authentication 
demands  of  employees,  customers,  and  business  partners.  And  reduce  your  TCO  up 
to  40%  — without  getting  locked  into  a  proprietary  system.  For  more,  visit 
www.verisign.com/unified-authentication.  VeriSign.  Where  it  all  comes  together.™ 


2004  VeriSign,  Inc  All  rights  reserved.  VeriSign.  the  VeriSign  logo.  "Where  it  all  comes  together."  and  other  trademarks,  service  marks,  and  designs  are  registered  or  unregistered 
trademarks  of  VeriSign  and  its  subsidiaries  in  the  United  States  and  in  foreign  countries.  Windows  is  a  registered  trademark  of  Microsoft  Corporation. 


